View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0000294 | OXID eShop (all versions) | 4.04. Security | public | 2008-10-13 13:46 | 2008-10-16 10:59 |
| Reporter | tomas_liubinas | Assigned To | |||
| Priority | normal | Severity | minor | Reproducibility | always |
| Status | resolved | Resolution | fixed | ||
| Fixed in Version | 4.0.0.0 revision 13895 | ||||
| Summary | 0000294: XSS in guestbook | ||||
| Description | It is possible to add html into guestbook. Even JS works. | ||||
| Additional Information | This problem should be resolved over ->value ->rawvalue object properties rather than direct html filtering. | ||||
| Tags | No tags attached. | ||||
| Theme | |||||
| Browser | All | ||||
| PHP Version | 5.2.6 | ||||
| Database Version | 5.0.33 | ||||
