
cross-site scripting attack., prone/vulnerable to…

  • Signup, register and site search have been reported by GoDaddy’s site scanner service as not properly sanitizing certain input, opening the ability for malicious code and malware. Please advise as to how to / what is being / can be done to correct this issue, as these are vital.

    issue summary 1 (signup.php & register.php)
    The remote web server hosts one or more cgi scripts that fail to adequately sanitize request strings
    with malicious JavaScript. By leveraging this issue, an attacker may be able to cause arbitrary
    HTML and script code to be executed in a user’s browser within the security context of the
    affected site. These XSS vulnerabilities are likely to be ‘non-persistent’ or
    ‘reflected’.

    issue summary 2 (site search)
    Your website contains pages that do not properly sanitize visitor-provided input to make sure
    it contains no malicious content or scripts. Cross-site scripting vulnerabilities let
    malicious users execute arbitrary HTML or script code in another visitor’s browser.

Viewing 2 replies - 1 through 2 (of 2 total)
  • I wouldn’t trust anything reported by an automated scanner; how does it know what is being done to sanitize user data?

    WP has a range of functions available to deal with data sanitization. As BP is built by a core team extremely familiar with WP functions and best practices, and including a WP employee amongst them, it follows that all best practices for handling data are adhered to.

    If you think not then you will probably need to run a few more tests that are known as reliable and report your findings directly and privately to one of the core BP team.


    Roger Coathup
    Participant

    @rogercoathup

    The username and email address on the registration form are sanitized in the function: bp_core_validate_user_signup()

    Passwords are passed through wp_hash_password() which I assume does any necessary sanitising implicitly.

    Not sure how any additional signup fields are processed.

    As @hugo says — I can’t envisage how a scanner could possibly check this.

  • The topic ‘cross-site scripting attack., prone/vulnerable to…’ is closed to new replies.
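
On the question raised in the replies of how a scanner can tell whether input is sanitized: a common black-box approach is to submit a harmless marker and inspect how the response echoes it. The sketch below is an added example, not code from this thread, BuddyPress or GoDaddy's scanner (whose method the page does not describe); the marker, function names and sample responses are constructed.

```python
import re

TOKEN = "bpx91"                   # constructed marker, unlikely to occur naturally
PROBE = f"{TOKEN}<\"'>{TOKEN}"    # HTML metacharacters only; carries no script

def reflections(body):
    """Yield (context, raw_chars) for each place the probe is echoed in body."""
    pattern = re.escape(TOKEN) + r"(.*?)" + re.escape(TOKEN)
    for m in re.finditer(pattern, body, re.S):
        before = body[:m.start()]
        # Heuristic: an unclosed '<' before the echo means it sits inside a tag.
        context = "attribute" if before.rfind("<") > before.rfind(">") else "text"
        yield context, {c for c in "<>\"'" if c in m.group(1)}

def verdict(body):
    """Return 'absent', 'escaped' or 'unescaped' for one response body."""
    found = list(reflections(body))
    if not found:
        return "absent"
    for context, raw in found:
        # Conservative: any raw quote in an attribute counts, whichever quote delimits it.
        dangerous = {'"', "'"} if context == "attribute" else {"<"}
        if raw & dangerous:
            return "unescaped"
    return "escaped"

# Constructed response bodies for a search request carrying PROBE.
SAMPLES = {
    "text, raw echo": f"<p>Results for {PROBE}</p>",
    "attribute, raw echo": f'<input name="s" value="{PROBE}">',
    "attribute, fully encoded":
        '<input name="s" value="bpx91&lt;&quot;&#039;&gt;bpx91">',
    "attribute, only <> encoded": '<input name="s" value="bpx91&lt;"\'&gt;bpx91">',
    "text, only <> encoded": '<p>Results for bpx91&lt;"\'&gt;bpx91</p>',
    "not echoed": "<p>No results.</p>",
}

if __name__ == "__main__":
    for name, body in SAMPLES.items():
        print(f"{name:28} {verdict(body)}")
```

The same partially encoded echo is classified differently in text and attribute positions, which is why a finding should be confirmed against the actual output context of the signup and search pages.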