lingua-libre / BlueLL

🌻 MediaWiki skin used by LinguaLibre.org
BSD 2-Clause "Simplified" License

Fix stored XSS via MediaWiki:Sidebar #18

Closed mamarto closed 2 months ago

mamarto commented 2 months ago

BlueLL skin: stored XSS via MediaWiki:Sidebar

Top-level menu entries from MediaWiki:Sidebar are not properly escaped in the BlueLL skin (Lingua-Libre), resulting in classic stored XSS. The output of Sanitizer::escapeIdForAttribute is not HTML-safe, but the skin incorrectly assumes it is.

Bug: T361453
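To make the escaping mismatch in the description concrete, here is an added illustrative PHP example; it is not the BlueLL skin's code and not MediaWiki's Sanitizer. The stand-in id-escaper assumes MediaWiki's html5 fragment mode, which only turns spaces into underscores, and the hardened variant escapes at the point of output with htmlspecialchars.

```php
<?php
// Illustrative stand-in only: not the BlueLL skin and not MediaWiki's Sanitizer.
// The id-escaper below assumes the html5 fragment mode (spaces -> underscores).

/** Constructed stand-in for Sanitizer::escapeIdForAttribute(): yields a usable
 *  id/fragment but performs no HTML escaping of quotes or angle brackets. */
function escapeIdForAttributeLike( string $id ): string {
    return str_replace( ' ', '_', $id );
}

/** Vulnerable pattern: the id-escaper's result is trusted as HTML-safe and
 *  spliced straight into markup, so a quote in the entry name ends the attribute. */
function renderSidebarEntryVulnerable( string $name ): string {
    $id = escapeIdForAttributeLike( $name );
    return '<li id="n-' . $id . '">' . $name . '</li>';
}

/** Hardened pattern: every dynamic value is HTML-escaped where it is emitted
 *  (ENT_QUOTES covers both quote styles), in the attribute and in the text node. */
function renderSidebarEntrySafe( string $name ): string {
    $id = escapeIdForAttributeLike( $name );
    return '<li id="n-' . htmlspecialchars( $id, ENT_QUOTES, 'UTF-8' ) . '">'
        . htmlspecialchars( $name, ENT_QUOTES, 'UTF-8' ) . '</li>';
}

/** Regression check a test suite could carry: apart from the two literal quotes
 *  delimiting the id attribute, no raw quote or angle bracket may reach the output. */
function hasNoAttributeBreakout( string $html ): bool {
    return preg_match( '/^<li id="[^"<>]*">[^"<>]*<\/li>$/', $html ) === 1;
}

// Constructed sidebar entry name carrying attribute- and tag-breaking characters.
$entry = 'Help "quotes" <tags>';

$vulnerable = renderSidebarEntryVulnerable( $entry );
$safe       = renderSidebarEntrySafe( $entry );

if ( hasNoAttributeBreakout( $vulnerable ) || !hasNoAttributeBreakout( $safe ) ) {
    throw new RuntimeException( 'unexpected escaping behaviour' );
}

echo "vulnerable: $vulnerable\n";
echo "safe:       $safe\n";
```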

mamarto commented 2 months ago

Hi @translatewiki and @hugolpz, is there something wrong with this MR? When can I expect it to be merged?

Thanks!

hugolpz commented 2 months ago

Hello @mamarto, FYI, the current maintainer of this skin (myself) is not a PHP developer. This repository will soon be phased out from Lingualibre.org and therefore become orphaned. @jdlrobson and yourself (@mamarto) are the last two PHP developers who edited this skin. I'm willing to move this skin to a new owner if someone wants to continue to give it life. This issue is handled in #16