Date: Thu, 21 Feb 2013 11:47:10 +0100 From: Raphael Geissert <atomo64@...il.com> To: oss-security@...ts.openwall.com Cc: 700158@...s.debian.org, 700159@...s.debian.org Subject: Re: CVE request: XSS flaws fixed in ganglia Hi, On 8 February 2013 19:06, Vincent Danen <vdanen@...hat.com> wrote: > A number of XSS issues were fixed in ganglia's web ui: > > https://github.com/ganglia/ganglia-web/commit/31d348947419058c43b8dfcd062e2988abd5058e I've a hunch that there are a few issues with the changes. A quick look at the patch shows that the change here breaks the preg_replace call: - $query_string = preg_replace("/(&trendhistory=)(\d+)/", "", $query_string); + $query_string = preg_replace("/(&trendhistory=)(\d+)/", "", htmlspecialchars($query_string, ENT_QUOTES) ); It looks as if the htmlspecialchars call was misplaced. Not that it is a security issue, but it's a bug. Can anyone forward this upstream? I will try to take a look at the rest of the patch later. Cheers, -- Raphael Geissert
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.