Avoid relying on TinyMCE code stripping alone
Bug #1744789 reported by Robert Lyon
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
Mahara | Fix Released | High | Robert Lyon |
16.10 | Fix Released | High | Unassigned |
17.04 | Fix Released | High | Unassigned |
17.10 | Fix Released | High | Unassigned |
18.04 | Fix Released | High | Robert Lyon |
18.10 | Fix Released | High | Unassigned |
Bug Description
TinyMCE will strip bad strings from input, e.g. <script> tags, but we must make sure we don't just rely on that alone. We should also clean up input on the server/PHP end, as one can create their own packet of POST data containing bad content to hit the server with.
This can be seen in the Wall plugin, where we can make a wallpost POST package have a bad 'text' value and have it saved unaltered.
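The defence the report asks for, as an added example that is not Mahara's own code: an allowlist sanitiser applied on the PHP side to the POSTed 'text' value, so a hand-crafted request that never passed through TinyMCE is still cleaned before it is saved. The function names, the allowlists and the sample payload are assumptions constructed for this illustration.

```php
<?php
// Hypothetical server-side sanitiser (not Mahara's own code). It ignores what
// the browser did and enforces an allowlist using PHP's bundled DOM extension.

const ALLOWED_TAGS  = ['p', 'br', 'b', 'strong', 'i', 'em', 'ul', 'ol', 'li', 'a'];
const ALLOWED_ATTRS = ['a' => ['href']];          // no attributes at all on other tags

function clean_wallpost_text(string $html): string {
    $doc = new DOMDocument();
    libxml_use_internal_errors(true);              // tolerate sloppy or malicious markup
    // The XML PI pins UTF-8; <body> is the container whose children we keep.
    $doc->loadHTML('<?xml encoding="UTF-8"><body>' . $html . '</body>');
    libxml_clear_errors();
    $root = $doc->getElementsByTagName('body')->item(0);
    sanitise_node($root);
    $out = '';
    foreach ($root->childNodes as $child) {
        $out .= $doc->saveHTML($child);
    }
    return $out;
}

function sanitise_node(DOMNode $node): void {
    // Iterate over a static copy: the live child list is mutated below.
    foreach (iterator_to_array($node->childNodes, false) as $child) {
        if ($child instanceof DOMElement) {
            $tag = strtolower($child->tagName);
            if (!in_array($tag, ALLOWED_TAGS, true)) {
                $node->removeChild($child);        // drops <script> and its contents whole
                continue;
            }
            $allowed = ALLOWED_ATTRS[$tag] ?? [];
            foreach (iterator_to_array($child->attributes, false) as $attr) {
                $name = strtolower($attr->name);
                if (!in_array($name, $allowed, true)) {
                    $child->removeAttribute($attr->name);   // onclick, onerror, style, ...
                } elseif ($name === 'href'
                          && !preg_match('#^(https?:|mailto:|/)#i', trim($attr->value))) {
                    $child->removeAttribute($attr->name);   // javascript: and data: URLs
                }
            }
            sanitise_node($child);
        } elseif (!($child instanceof DOMText)) {
            $node->removeChild($child);            // comments, processing instructions
        }
    }
}

// Constructed sample: a POST body that bypassed TinyMCE entirely.
$_POST['text'] = '<p onclick="alert(1)">hi</p><script>alert(1)</script><a href="javascript:alert(1)">x</a>';
echo clean_wallpost_text($_POST['text']);      // <p>hi</p><a>x</a>
```

The same function should sit in the save path of every form field that TinyMCE feeds, since the browser-side stripping is only a convenience for honest users.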
CVE References
information type: Private Security → Public Security
summary: "Avoid relying on TinyMCE code stipping alone" → "Avoid relying on TinyMCE code stripping alone"
Need to check all the places where TinyMCE is used for a form field and make sure it is being saved in a safe way on the PHP side.