
Verify if PageDisqus has reflective XSS
Closed, Invalid | Public


When looking at the extension for T4235, I stumbled upon this:

The URL is user-controlled input, and to be honest I am not sure if getFullRequestURL properly escapes characters. Otherwise someone could give you the URL '" + alert("XSS") + "' and that is valid JavaScript.

test1 is down and I have no MediaWiki test installation available to test this, but it's definitely worth doing a var_dump on $wgRequest->getFullRequestURL() when visiting the URL I gave above.
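Added illustration, not PageDisqus or MediaWiki code: it contrasts the string-concatenation pattern the post worries about with a JSON-encoded literal, feeding both the payload quoted above as constructed input; the `disqus_url` variable and the hypothetical script builders are assumptions.

```php
<?php
// Constructed sample: the payload from the task, as it would look after the
// query string has been URL-decoded.
const SAMPLE_URL = "https://wiki.example/wiki/Main_Page?q='\" + alert(\"XSS\") + \"'";

// Pattern the task worries about: the request URL is concatenated straight
// into a double-quoted JavaScript string literal, so an embedded quote
// closes the literal and the rest is parsed as code.
function buildScriptUnsafe( string $url ): string {
    return 'var disqus_url = "' . $url . '";';
}

// Hardened pattern: json_encode() emits a valid JS string literal, and the
// JSON_HEX_* flags turn <, >, &, ' and " into \uXXXX escapes so the value can
// neither close the literal nor end the enclosing <script> element.
// MediaWiki core provides Xml::encodeJsVar() for the same job.
function buildScriptSafe( string $url ): string {
    $literal = json_encode(
        $url,
        JSON_HEX_TAG | JSON_HEX_QUOT | JSON_HEX_APOS | JSON_HEX_AMP | JSON_UNESCAPED_SLASHES
    );
    return 'var disqus_url = ' . $literal . ';';
}

// Review check: between the literal's own quotes there must be no raw quote,
// angle bracket or ampersand left; everything risky has to be a \u escape.
function literalIsIntact( string $script ): bool {
    return preg_match( '/^var disqus_url = "[^"\'<>&]*";$/', $script ) === 1;
}

echo buildScriptUnsafe( SAMPLE_URL ), "\n";
echo buildScriptSafe( SAMPLE_URL ), "\n";
var_dump( literalIsIntact( buildScriptUnsafe( SAMPLE_URL ) ) );
var_dump( literalIsIntact( buildScriptSafe( SAMPLE_URL ) ) );
```

Run it with `php` on the command line; the same `literalIsIntact()` style of check is what the suggested var_dump on $wgRequest->getFullRequestURL() should be compared against, since a URL that arrives percent-encoded never reaches the unsafe branch in the first place.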

Event Timeline

Southparkfan created this object with visibility "Custom Policy".
John closed this task as Invalid. Jul 12 2019, 14:05
John added a subscriber: John.


John claimed this task. Jul 12 2019, 14:06
John triaged this task as Normal priority.
John changed the visibility from "Custom Policy" to "Public (No Login Required)".