johnwarne / reddit-top-rss

Generate RSS feeds for specified subreddits with score thresholds
MIT License

Found XSS Reflected Injection vulnerabilities #1

Closed lannerxiii closed 5 years ago

lannerxiii commented 5 years ago

Hello, I was searching for simple vulnerabilities in code and I came across your repository. I have noticed that you do not perform any kind of input sanitization in your code, and while there isn't any kind of risk because the purpose of this webpage is just generating RSS feeds without any kind of data being persisted, it would be a good idea to adopt the practice of sanitizing your inputs. Every developer should know that user-manipulated input is always dangerous.

The following XSS injection was found on your webpage:

[image: screenshot attached to the issue]

The picture above shows you the result of injecting code, and the code causing this is the following line in your postlist.php file: `echo "<div class='alert alert-warning' role='alert'>/r/" . $_GET["subreddit"] . " is not a valid subreddit</div>";`

I would suggest the use of regular expressions or the following PHP functions: strip_tags, htmlentities, htmlspecialchars.

Goodbye!
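The fix suggested above, written out as an added PHP example (not code from the reddit-top-rss repository): the quoted echo beside an escaped version, plus an allowlist check on the parameter before it is used at all. The function names, the sample input and the name pattern are this example's own assumptions.

```php
<?php
// Added example, not code from the reddit-top-rss project.
// Shows the reflected-XSS pattern from the issue and two defensive fixes.
declare(strict_types=1);

// Vulnerable pattern quoted in the issue: the raw query value is
// concatenated into HTML, so any markup it contains is parsed by the browser.
function render_warning_unsafe(string $subreddit): string
{
    return "<div class='alert alert-warning' role='alert'>/r/" . $subreddit
        . " is not a valid subreddit</div>";
}

// Hardened version: escape for an HTML text context. ENT_QUOTES also
// encodes single quotes (the surrounding attributes use them), ENT_SUBSTITUTE
// replaces invalid byte sequences instead of returning an empty string, and
// the charset is stated explicitly rather than relying on a default.
function render_warning_safe(string $subreddit): string
{
    $escaped = htmlspecialchars($subreddit, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
    return "<div class='alert alert-warning' role='alert'>/r/" . $escaped
        . " is not a valid subreddit</div>";
}

// Defence in depth: reject anything that does not look like a subreddit name
// before it reaches any output or any request to Reddit. The pattern
// (letters, digits, underscore, 3 to 21 characters) is an assumption about
// Reddit's naming rules; adjust it if they differ.
function is_plausible_subreddit_name(string $candidate): bool
{
    return preg_match('/\A[A-Za-z0-9_]{3,21}\z/', $candidate) === 1;
}

// Constructed sample standing in for $_GET["subreddit"]: harmless markup
// in place of a name, enough to show the difference between the two renderers.
$sample = '<b>bogus</b>';

echo "Unsafe (markup is rendered):  " . render_warning_unsafe($sample) . PHP_EOL;
echo "Escaped (markup shown as text): " . render_warning_safe($sample) . PHP_EOL;

// With validation first, the unsafe path is never reached for bad input.
foreach ([$sample, 'programming'] as $name) {
    $verdict = is_plausible_subreddit_name($name) ? 'accepted' : 'rejected';
    echo "Allowlist check for " . var_export($name, true) . ": " . $verdict . PHP_EOL;
}
```

Escaping at the output point is the fix for this bug; the allowlist check is the extra layer that also keeps malformed names from being forwarded in the upstream Reddit request.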

johnwarne commented 5 years ago

Thanks so much for this very thorough heads up. I've got that input sanitized now. Cheers!