
Toolbar: User input to UniWiki toolbar injected into javascript without being sanitized -- possible XSS vector.
Closed, Declined (Public)

Description

Author: robert

Description:
In various places within the Uniwiki Custom Toolbar extension, user-supplied text (either from within pages, messages, or POST/GET data) is injected into JavaScript without sanitization. This poses a possible security vulnerability and would likely cause the extension to malfunction if a quotation mark were included in any of the pieces of text.

The following lines in CustomToolbar.php are possibly affected: 152, 159, 166, 331, 332, and 333.


Version: unspecified
Severity: major
Whiteboard: extension[unmaintained]
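The pattern the report describes, as an added example that is not code from the Uniwiki Custom Toolbar extension: a PHP string that splices user text straight into a JavaScript string literal, next to the same output built with a JSON encoder so that a quote (or a `</script>` sequence) in the text cannot terminate the literal. The function names and the sample label are assumptions made for the illustration; in MediaWiki the core helper for this job is `Xml::encodeJsVar()`, which the example replaces with plain `json_encode()` to stay self-contained.

```php
<?php
// Added example, not part of the Uniwiki extension or MediaWiki core.
// Demonstrates breaking out of a JS string literal with a single quote,
// and the fix: emit the value as a JSON literal instead of raw text.

// Constructed sample input: a toolbar button label a wiki user could supply.
$userText = "Bold'; alert(document.cookie); //";

// VULNERABLE pattern (as described in the report): raw text spliced into JS.
// A single quote in $label ends the literal and the rest runs as script.
function buildToolbarJsVulnerable(string $label): string
{
    return "var label = '" . $label . "';";
}

// HARDENED pattern: encode the value as a JSON string, which is valid JS.
// The JSON_HEX_* flags additionally escape < > & ' " as \uXXXX so the
// output is also safe inside an inline <script> block (no early </script>,
// no HTML-attribute breakout). json_encode already escapes "/" by default.
function buildToolbarJsSafe(string $label): string
{
    $encoded = json_encode(
        $label,
        JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT
    );
    if ($encoded === false) {
        // json_encode fails on invalid UTF-8; emit an empty literal rather
        // than partial output.
        $encoded = '""';
    }
    return "var label = " . $encoded . ";";
}

// Simple check a reviewer can apply to generated JS: the user text must not
// appear with an unescaped quote of the same kind that delimits the literal.
function literalIsIntact(string $js, string $label): bool
{
    // The safe builder never leaves a raw ' or " from $label in the output.
    $rawQuoteFromInput = (strpos($label, "'") !== false || strpos($label, '"') !== false);
    $rawQuoteInOutput  = preg_match("/['\"]; alert/", $js) === 1;
    return !($rawQuoteFromInput && $rawQuoteInOutput);
}

echo buildToolbarJsVulnerable($userText), "\n";
echo buildToolbarJsSafe($userText), "\n";

var_dump(literalIsIntact(buildToolbarJsVulnerable($userText), $userText)); // breakout
var_dump(literalIsIntact(buildToolbarJsSafe($userText), $userText));       // intact
```

The same fix applies whether the text comes from a wiki page, a system message or a request parameter: the value should be serialised with a JS/JSON encoder at the point where it is written into the script, not filtered on input.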

Details

Reference
bz17600

Event Timeline

bzimport raised the priority of this task to Low. Nov 21 2014, 10:34 PM
bzimport set Reference to bz17600.
bzimport added a subscriber: Unknown Object (MLST).

Clarified bug summary so I don't get scared when I see it.

According to one of its developers (Mark), Uniwiki extensions for MediaWiki are not under active development anymore "and it is safe to declare them obsolete/wontfix."

It is unlikely that there will be any further active development.

Closing this report as WONTFIX as part of Bugzilla Housekeeping and adding the whiteboard entry "extension[unmaintained]". Please feel free to reopen this bug report in the future if anyone takes the responsibility for active development again.