Ask Your Question
3

injection <script>alert("xss");</script>

asked Jan 10

piskvorky gravatar image piskvorky
330 2 16

updated Jan 10

Evgeny gravatar image Evgeny flag of Chile
6715 31 49 96
http://askbot.org/

just testing script injection :-)

<script>alert("xss");</script>

Comments

Viewing this page gives me a browser alert. I guess that's not desirable, so I'm adding a "bug" tag.

piskvorky (Jan 10)

Highly undesirable, will fix asap.

Evgeny (Jan 10)

1 Answer

Sort by ยป oldest newest most voted
1
piskvorky has selected this answer as correct

answered Jan 10

Evgeny gravatar image Evgeny flag of Chile
6715 31 49 96
http://askbot.org/

Fixed in 0.7.38. Keep trying :) thanks!

link

Comments

@Evgeny: still happens when viewing a profile page: http://askbot.org/en/users/459/piskvorky/

piskvorky (Jan 14)

Fixed this too, now need to update the repo trunk.

Evgeny (Jan 15)

Your answer

Please start posting your answer anonymously - your answer will be saved within the current session and published after you log in or create a new account. Please try to give a substantial answer, for discussions, please use comments and please do remember to vote (after you log in)!
[hide preview]

Question tools

Follow

subscribe to rss feed

Stats

Asked: Jan 10

Seen: 111 times

Last updated: Jan 10

Related questions

Internal Server Error when trying to edit personal pro

Where are the badges in a fresh install? [fixed]

HTML Tags in titles getting eaten <fixed/>

Unknown column 'auth_user.is_approved' in 'field list' [fixed]

need spaces between date, username, and karma on a user's profile overview page (in the "questions" section) [fixed]

email for comments: link missing a href [fixed]

Bug: Horizontal Rule in Comment breaks stylesheet [fixed]

"Related questions" section shows deleted questions?

error on upvote: "Sorry, something is not right here..." [fixed]

++ doesn't show up in Question Title [fixed]

Copyright Askbot, 2010-2011. Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.
about | faq | help | privacy policy | give feedback
Powered by Askbot version 0.7.39