XSS vulnerability in bookmark parameter

geneontology / amigo

AmiGO is the public interface for the Gene Ontology.

http://amigo.geneontology.org

BSD 3-Clause "New" or "Revised" License

29 stars 17 forks source link

XSS vulnerability in bookmark parameter #622

Closed kltm closed 3 years ago

kltm commented 3 years ago

It is currently possible to inject disrupting code into the bookmark variable that could be used to create an XSS attack for users on bad links. For example, the following URLs illustrate this, disrupting the variable creation:

http://amigo-exp.geneontology.io/amigo/search/annotation?bookmark=%3C/script%3E%3Cscript%3Ealert('SHOULD-NOT-BE-SEEN')%3C/script%3E

I would expect a similar pattern to #608 , with a similar fix.

kltm commented 3 years ago

Nope, not an HTML template issue, but internal like some of the earlier sanitation issues.

kltm commented 3 years ago

Looking good I think; clearing.