** Changed in: mahara/1.5
   Milestone: None => 1.5.4

** Changed in: mahara/1.5
   Assignee: (unassigned) => Hugh Davenport (hugh-catalyst)

** Changed in: mahara/1.4
   Assignee: (unassigned) => Hugh Davenport (hugh-catalyst)

** Visibility changed to: Public

https://bugs.launchpad.net/bugs/1061980

Title:
  XSS using user uploaded SVG files

Status in Mahara ePortfolio:
  In Progress
Status in Mahara 1.4 series:
  In Progress
Status in Mahara 1.5 series:
  In Progress

Bug description:
  I have come across a serious security issue on Mahara version 1.5 which can allow an attacker to store malicious script on the latest version of Mahara.

  Testing Environment:
  Operating System: Windows 7 (32-bit)
  Web Server: WAMP v2.2
  Browser: Mozilla Firefox v15.0.1
  Vulnerable Path URL Location: http://localhost/mahara/artefact/file/

  Description: I uploaded an SVG file with a malicious payload. Since there was no validation of the malicious content, I was successful in uploading a file with malicious script. Kindly find the screenshots as an attachment along with this mail.

  I request you to kindly implement proper sanitization for handling file contents.

  Thank You.
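The report asks for sanitization of uploaded file contents. The following Python function is an added example written for this page, not Mahara's own code (Mahara is PHP, and its artefact upload hooks are not shown here), illustrating the kind of check an upload handler can apply to SVG before storing it: it rejects documents that carry a DTD (entity expansion), any script-capable element, any `on*` event-handler attribute, or an `href`/`xlink:href` whose scheme is not http, https or a relative reference. The element and scheme lists and the three sample documents are constructed for the demo.

```python
import re
import xml.etree.ElementTree as ET

# Added example for this bug report; not Mahara code.
# Elements that can run script or embed arbitrary HTML inside an SVG document.
FORBIDDEN_ELEMENTS = {"script", "foreignobject", "iframe", "embed", "object"}
# URL schemes tolerated in href-like attributes; "" means a relative reference.
ALLOWED_SCHEMES = {"", "http", "https"}
XLINK_HREF = "{http://www.w3.org/1999/xlink}href"


def local_name(qualified: str) -> str:
    """Drop the {namespace} prefix ElementTree puts on element/attribute names."""
    return qualified.rsplit("}", 1)[-1].lower()


def url_scheme(value: str) -> str:
    """Return the scheme of a URL, ignoring whitespace that browsers strip."""
    cleaned = re.sub(r"\s", "", value).lower()
    return cleaned.split(":", 1)[0] if ":" in cleaned else ""


def svg_findings(data: bytes) -> list[str]:
    """Return the reasons an uploaded SVG should be rejected; empty means it passed."""
    findings = []
    # Expat expands internal entities; refuse any DTD instead of reasoning about it.
    if re.search(rb"<!DOCTYPE|<!ENTITY", data, re.IGNORECASE):
        findings.append("DOCTYPE/ENTITY declaration present")
        return findings
    try:
        root = ET.fromstring(data)
    except ET.ParseError as exc:
        return [f"not well-formed XML: {exc}"]
    if local_name(root.tag) != "svg":
        findings.append(f"root element is <{local_name(root.tag)}>, not <svg>")
    for element in root.iter():
        name = local_name(element.tag)
        if name in FORBIDDEN_ELEMENTS:
            findings.append(f"<{name}> element")
        for attr, value in element.attrib.items():
            attr_name = local_name(attr)
            if attr_name.startswith("on"):
                findings.append(f"{attr_name} event handler on <{name}>")
            elif attr == XLINK_HREF or attr_name == "href":
                scheme = url_scheme(value)
                if scheme not in ALLOWED_SCHEMES:
                    findings.append(f"{scheme}: URL in {attr_name} on <{name}>")
    return findings


def is_safe_svg(data: bytes) -> bool:
    """Accept the upload only when no finding was recorded."""
    return not svg_findings(data)


# Constructed sample documents for the demo (not taken from the report).
BENIGN_SVG = (b'<svg xmlns="http://www.w3.org/2000/svg" width="10" height="10">'
              b'<rect width="10" height="10" fill="blue"/></svg>')
SCRIPTED_SVG = (b'<svg xmlns="http://www.w3.org/2000/svg" '
                b'xmlns:xlink="http://www.w3.org/1999/xlink" onload="alert(1)">'
                b'<script>alert(1)</script>'
                b'<a xlink:href="javascript:alert(1)"><text>x</text></a></svg>')
DTD_SVG = (b'<!DOCTYPE svg [<!ENTITY e "x">]>'
           b'<svg xmlns="http://www.w3.org/2000/svg">&e;</svg>')

if __name__ == "__main__":
    for label, sample in (("benign", BENIGN_SVG), ("scripted", SCRIPTED_SVG), ("dtd", DTD_SVG)):
        print(label, "accepted" if is_safe_svg(sample) else svg_findings(sample))
```

A deny-list like this is a first gate, not the whole fix: an SVG that passes it is still an XML document the browser will render in the uploading user's origin if it is served inline. Serving user-uploaded files with `Content-Disposition: attachment`, or from a separate cookieless origin, removes the stored-XSS impact even for content the filter misses.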