** Changed in: mahara/1.5
    Milestone: None => 1.5.4

** Changed in: mahara/1.5
     Assignee: (unassigned) => Hugh Davenport (hugh-catalyst)

** Changed in: mahara/1.4
     Assignee: (unassigned) => Hugh Davenport (hugh-catalyst)

** Visibility changed to: Public

-- 
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to Mahara.
https://bugs.launchpad.net/bugs/1061980

Title:
  XSS using user uploaded SVG files

Status in Mahara ePortfolio:
  In Progress
Status in Mahara 1.4 series:
  In Progress
Status in Mahara 1.5 series:
  In Progress

Bug description:
  I have come across a serious security issue in Mahara version 1.5 which can
  allow an attacker to store malicious script on the latest version of Mahara.

  *Testing Environment:*
  *Operating System:* Windows 7 (32-bit)
  *Web Server:* WAMP v2.2
  *Browser:* Mozilla Firefox v15.0.1

  *Vulnerable Path URL Location:* http://localhost/mahara/artefact/file/

  *Description*: I uploaded an SVG file with a malicious payload. Since there
  was no validation of the malicious content, I successfully uploaded a
  file with a malicious script.

  Kindly find the screenshots as an attachment along with this mail.

  I request you to kindly implement proper sanitization for handling file
  contents.

  Thank You.
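
The server-side validation the report asks for, as an added example that is not Mahara's own code: it parses an uploaded SVG and rejects any document carrying active content (script or foreign-content elements, `on*` event-handler attributes, `javascript:`/`data:` hrefs, or DOCTYPE/ENTITY declarations). The function names and the sample SVG documents are constructed for this example.

```python
"""Reject user-uploaded SVG files that carry active content (stored-XSS defence)."""
import re
import xml.etree.ElementTree as ET

# Elements that let an SVG run script or embed arbitrary HTML (local names, any namespace).
FORBIDDEN_ELEMENTS = {"script", "foreignobject", "iframe", "object", "embed", "handler"}
# href schemes that execute or smuggle content instead of referencing an image resource.
FORBIDDEN_URL_SCHEMES = ("javascript:", "data:", "vbscript:")


def _local(name: str) -> str:
    """'{http://www.w3.org/2000/svg}script' -> 'script'."""
    return name.rsplit("}", 1)[-1].lower()


def find_active_content(svg_bytes: bytes) -> list[str]:
    """Return the reasons the document is unsafe; an empty list means it passed."""
    reasons = []
    # An image never needs a DOCTYPE or entity declarations; refuse them outright.
    if re.search(rb"<!(DOCTYPE|ENTITY)", svg_bytes, re.IGNORECASE):
        reasons.append("DOCTYPE or ENTITY declaration present")
    try:
        root = ET.fromstring(svg_bytes)
    except ET.ParseError as exc:
        return reasons + [f"not well-formed XML: {exc}"]
    if _local(root.tag) != "svg":
        reasons.append(f"root element is <{_local(root.tag)}>, not <svg>")
    for el in root.iter():
        tag = _local(el.tag)
        if tag in FORBIDDEN_ELEMENTS:
            reasons.append(f"forbidden element <{tag}>")
        for attr, value in el.attrib.items():
            name = _local(attr)
            if name.startswith("on"):  # onload, onclick, onmouseover, ...
                reasons.append(f"event handler attribute {name} on <{tag}>")
            if name == "href":  # covers both href and xlink:href
                # Drop whitespace/control characters that browsers ignore inside URLs.
                url = re.sub(r"[\s\x00-\x1f]", "", value).lower()
                if url.startswith(FORBIDDEN_URL_SCHEMES):
                    reasons.append(f"href with {url.split(':')[0]}: scheme on <{tag}>")
    return reasons


def is_safe_svg(svg_bytes: bytes) -> bool:
    """True when the upload may be stored and served as an image."""
    return not find_active_content(svg_bytes)


# Constructed samples: a plain image, and one carrying an event handler plus a script element.
CLEAN_SVG = b'<svg xmlns="http://www.w3.org/2000/svg"><circle r="5"/></svg>'
ACTIVE_SVG = (b'<svg xmlns="http://www.w3.org/2000/svg" onload="alert(1)">'
              b'<script>alert(1)</script></svg>')
```

Validation at upload time complements, rather than replaces, serving user files from a separate origin with a restrictive Content-Security-Policy.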

To manage notifications about this bug go to:
https://bugs.launchpad.net/mahara/+bug/1061980/+subscriptions

_______________________________________________
Mailing list: https://launchpad.net/~mahara-contributors
Post to     : mahara-contributors@lists.launchpad.net
Unsubscribe : https://launchpad.net/~mahara-contributors
More help   : https://help.launchpad.net/ListHelp
