Opened 4 years ago

Closed 4 years ago

#1269 closed Bug (fixed)

Piwik XSS

Reported by: matt Owned by: vipsoft
Priority: critical Milestone: Piwik 0.6
Component: Core Keywords:
Cc: Sensitive: yes

Description (last modified by matt)

I saw on twitter a Piwik XSS tweet pointing to http://packetstormsecurity.org/1003-exploits/piwik-xss.txt

we should fix it and check other variables to ensure there is no xss left.

I re-enabled the sensitive ticket plugin for this one, and set it to sensitive, which seems to work.

Change History (7)

comment:1 Changed 4 years ago by matt (mattab)

  • Description modified (diff)
  • Milestone set to 1 - Piwik 0.6
  • Priority changed from major to critical
  • Summary changed from Piwik to Piwik XSS

comment:4 Changed 4 years ago by vipsoft (robocoder)

  • Owner set to vipsoft

comment:6 Changed 4 years ago by vipsoft (robocoder)

While [2039] fixed the issue (by validating/filtering/escaping form_url), [2047] is a better solution -- it eliminates form_url entirely as a parameter/hidden form field.

I've drafted a blog entry for the security advisory and will request a CVE later for the 0.6 release.

comment:7 Changed 4 years ago by matt (mattab)

  • Resolution set to fixed
  • Status changed from new to closed

I disabled the sensitivity plugin for now, also closing this.. please reopen if there is open issue.

Note: See TracTickets for help on using tickets.