[JM-629] Additional cross-site scripting bugs in login Created: 08/Apr/06  Updated: 12/Nov/08  Resolved: 25/Aug/08

Status: Closed
Project: Openfire (ARCHIVED)
Components: Admin Console
Affects versions: 2.6.0
Fix versions: 3.6.0

Type: Bug Priority: Blocker
Reporter: MattM Assignee: Daniel Henninger
Resolution: Fixed Votes: 7
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original estimate: Not Specified

Issue links:
Related to
is related to OF-90 Cross-site scripting attack in the lo... Resolved
is related to JM-1489 Authentication bypass allowing arbitr... Closed
is related to JM-1488 CallLogDAO in SIP Plugin enables SQL ... Closed

 Description   

Additional cross-site scripting attacks possible in the login form.



 Comments   
Comment by LG [ 22/May/08 ]

Hi,

I really wonder why it takes so long to resolve this issue. Just ignoring the parsed parameters (everything behind the ?) would be fine to fix this issue.
Of course one would no longer be able to access URLs directly and to set the username, but that's how other applications solve this issue.

LG

Comment by Daniel Henninger [ 22/May/08 ]

Patience =) I aim to fix these and some other assorted issues for 3.5.2!

Comment by Daniel Henninger [ 17/Jul/08 ]

A trivial demo of this:
http://blathersource.org:9090/login.jsp?url=%22%3E%3Cscript%20type=%22text/javascript%22%3Ealert(%22hi%22)%3C/script%3E
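
The demo link above carries a `">` sequence in the `url` parameter, which closes an HTML attribute and starts a new element if the value is written into the page unencoded. The following is an added example, not part of the original thread and not Openfire's code: it decodes that query value and shows output encoding plus a same-site path check. The hidden-input template, the `/index.jsp` fallback, the sample path and the class and method names are assumptions made for illustration.

```java
import java.net.URLDecoder;
import java.nio.charset.StandardCharsets;

public class LoginUrlParam {
    // Encode a value for use inside an HTML attribute or element body.
    static String escapeHtml(String s) {
        StringBuilder out = new StringBuilder(s.length() + 16);
        for (int i = 0; i < s.length(); i++) {
            char c = s.charAt(i);
            switch (c) {
                case '&': out.append("&amp;"); break;
                case '<': out.append("&lt;"); break;
                case '>': out.append("&gt;"); break;
                case '"': out.append("&quot;"); break;
                case '\'': out.append("&#39;"); break;
                default: out.append(c);
            }
        }
        return out.toString();
    }

    // Assumption: "url" names the page to show after login, so only
    // same-site absolute paths are accepted; anything else falls back
    // to a hypothetical default page.
    static String safeTarget(String url) {
        if (url == null || url.startsWith("//")
                || !url.matches("/[A-Za-z0-9_./?=&%-]*")) {
            return "/index.jsp";
        }
        return url;
    }

    public static void main(String[] args) {
        // Query value copied from the demo link in the comment above.
        String raw = "%22%3E%3Cscript%20type=%22text/javascript%22%3Ealert(%22hi%22)%3C/script%3E";
        String url = URLDecoder.decode(raw, StandardCharsets.UTF_8);
        // Assumed reflection point: a hidden form field on the login page.
        String tpl = "<input type=\"hidden\" name=\"url\" value=\"%s\">";
        System.out.println("unescaped: " + String.format(tpl, url));
        System.out.println("escaped:   " + String.format(tpl, escapeHtml(url)));
        System.out.println("validated: " + String.format(tpl, escapeHtml(safeTarget(url))));
        // Constructed sample of a legitimate same-site target.
        System.out.println("normal:    " + String.format(tpl, escapeHtml(safeTarget("/some-page.jsp?page=2"))));
    }
}
```

Encoding keeps the quote and angle brackets inside the attribute value, while the path check still allows deep links, which simply ignoring the query string would not.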

Generated at Thu Apr 25 08:20:30 UTC 2024 using Jira 1001.0.0-SNAPSHOT#100251-rev:2d0d695520e7095763476433152508933e579798.