[Webkit-unassigned] [Bug 28402] Unexpected JavaScript parsing possible to XSS attack

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Mon Aug 17 12:22:46 PDT 2009


https://bugs.webkit.org/show_bug.cgi?id=28402





--- Comment #3 from Vladimir <vladimir.vorontsov at onsec.ru>  2009-08-17 12:22:45 PDT ---
The great numbers of open-source web projects used analogue constructions in
his code. 

If value of variable (var a in my attach) getting from user (in example GET
params or something else) there are XSS vulnerability. 

Typically php code:

echo "<script>var searchString='".$_GET['search_query']."';";
echo ""; -- some javascript actions
echo "</script>";

And of course, recognize </script> tag in string value in JavaScript code is a
parse bug!

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.



More information about the webkit-unassigned mailing list