[Bb-trac] Re: [bbPress] #874: strip_tags should be replaced with an enhanced anti-xss function
bbPress
bb-trac at lists.bbpress.org
Sat May 3 15:37:44 GMT 2008
#874: strip_tags should be replaced with an enhanced anti-xss function
-------------------------+--------------------------------------------------
Reporter: _ck_ | Owner:
Type: enhancement | Status: reopened
Priority: low | Milestone:
Component: Back-end | Version:
Severity: minor | Resolution:
Keywords: |
-------------------------+--------------------------------------------------
Changes (by _ck_):
* status: closed => reopened
* resolution: invalid =>
Comment:
Doing some research on this I have found an xss-infected bbPress site. Now
how it got infected, if through bbPress or via another program or even on
purpose by the site owner, is unknown. But it bothers me to no end that it
exists.
DO NOT VISIT THIS SITE WITH JAVASCRIPT ENABLED
(even firefox/safari can be affected by the injection through the
quicktime plugin)
bbpress . uniqplace . com / bbpress
(obviously remove spaces)
notice the
{{{
script>eval(unescape
}}}
at the very bottom of the page, which is the culprit.
Because it's after where body and html closes, I do not believe it's from
the bb_foot hook, so it must be directly in their template. But it does
raise this question: how did the injection know to do this? Did it search for
the html close? Or was it written specifically for WordPress/bbPress?
--
Ticket URL: <http://trac.bbpress.org/ticket/874#comment:3>
bbPress <http://bbpress.org/>
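A defender-side check for the symptom described in the comment above, added here as an example and not code from the ticket or from bbPress: it scans a page's HTML for script elements that sit past the closing </html> tag, or whose body uses the eval(unescape(...)) idiom quoted in the comment. The sample page and the /bb-templates/ script path in it are constructed.

```python
import re

# Constructed sample: a normal page whose closing tags are followed by an
# injected, obfuscated script, modelled on the symptom in the ticket.
SAMPLE_PAGE = """<html><head><title>Forum</title></head>
<body>
<p>Welcome to the forum.</p>
<script src="/bb-templates/kakumei/site.js"></script>
</body>
</html>
<script>eval(unescape('%61%6c%65%72%74%28%31%29'))</script>
"""

SCRIPT_RE = re.compile(r"<script\b[^>]*>(.*?)</script\s*>", re.IGNORECASE | re.DOTALL)
# The decode-then-eval idiom seen on the infected site.
OBFUSCATION_RE = re.compile(r"eval\s*\(\s*unescape\s*\(", re.IGNORECASE)


def find_trailing_scripts(html):
    """Return findings for script elements placed after the document's closing
    </html> tag and/or whose body matches the eval(unescape(...)) pattern.

    Each finding records the script's character offset, whether it lies past
    </html>, whether it matches the obfuscation pattern, and a short snippet.
    """
    findings = []
    close_match = None
    for m in re.finditer(r"</html\s*>", html, re.IGNORECASE):
        close_match = m  # measure against the last </html> in the document
    end_of_document = close_match.end() if close_match else len(html)

    for m in SCRIPT_RE.finditer(html):
        after_html = m.start() >= end_of_document
        obfuscated = bool(OBFUSCATION_RE.search(m.group(1)))
        if after_html or obfuscated:
            findings.append({
                "offset": m.start(),
                "after_html_close": after_html,
                "eval_unescape": obfuscated,
                "snippet": m.group(0)[:60],
            })
    return findings


if __name__ == "__main__":
    for finding in find_trailing_scripts(SAMPLE_PAGE):
        print(finding)
```

Run it against saved copies of a site's rendered pages (not the live infected site) to locate which template file the trailing script comes from.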
Innovative forum development