Skip to content

escape rev and search to avoid XSS breach#229

Open
Badatos wants to merge 1 commit intowebsvnphp:masterfrom
Badatos:prevent-xss-on-search
Open

escape rev and search to avoid XSS breach#229
Badatos wants to merge 1 commit intowebsvnphp:masterfrom
Badatos:prevent-xss-on-search

Conversation

@Badatos
Copy link
Contributor

@Badatos Badatos commented Dec 2, 2025

Hello,
I think theses small changes will prevent some XSS breach issued in #228

@michael-o
Copy link
Member

michael-o commented Dec 2, 2025

The original issue lists several other spots. Did you test then or simply limit your PR for this file?

@michael-o michael-o self-assigned this Dec 2, 2025
@Badatos
Copy link
Contributor Author

Badatos commented Dec 3, 2025
edited
Loading

I don't know exactly how many gaps this PR fills, but at least all files that use createSearchSelectionForm.

I've tested on listing.php?search=1%27)%22AutoFocus/ContentEditable/OnFocusIn=(confirm)(1)//&a=xxx&api=xxx&begindate=4&cat=aug url and confirm this gap is filled.

@michael-o
Copy link
Member

michael-o commented Dec 3, 2025

I meant these #228 (comment)

@Badatos
Copy link
Contributor Author

Badatos commented Dec 3, 2025

I meant these #228 (comment)

These aren't confirmed vulnerabilities, but rather leads to follow.
If you have a list of URLs of confirmed vulnerabilities, I could potentially run some tests on these.

@Badatos
Copy link
Contributor Author

Badatos commented Dec 3, 2025

Tested also on URL like this :
search.php?repname=REPO&rev=1&search=%22%3E%3Cscript%3Ealert%28%27TEST%27%29%3C%2Fscript%3E

And the same fix corrects it ;)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@michael-o michael-o

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Badatos @michael-o