Summary

xss in autocomplete

Review Request #5570 — Created March 2, 2014 and discarded March 2, 2014, 10 p.m.

Information

Owner

uchida_t

Repository

Review Board

Branch

Bugs

Depends On

Reviewers

Groups

reviewboard

People

Description

It will fix xss vulnerabilities.
https://code.google.com/p/reviewboard/issues/detail?id=3274

If input script in First name or Last name, It is executed when you use autocomplete in search box.

Testing Done

Issues

Description	From	Last Updated
Hey!	UC uchida_t	June 5, 2014, 11:43 p.m.

Expand All
Collapse All

Thanks for the report and the patch!
Looking into this, this isn't actually the right place to do this, since it's valid for HTML to appear in highlight() (we use it for <span> tags to properly format the full name), but I've made a change in the correct place to do the escaping (formatItem in js/common.js).

Status:: Discarded

Fix it!

reviewboard/static/lib/js/ui.autocomplete.js (Diff revision 1)
An issue was opened. Show all issues
```
Hey!
```