modxcms / Quip

A commenting component for MODX Revolution
https://modx.com/extras/package/quip

XSS vulnerability in comments (2.3.3-pl) #11

Open minagerges opened 9 years ago

minagerges commented 9 years ago

Besides other quip reply parameters not being filtered correctly, the comment text field has an XSS vulnerability. I could hack a whole modx website with the quip comment vulnerability. Requirements for a successful attack: view the comment from the MODX manager.

I cannot post all the details before a fix, or this will leave all MODX sites using quip exposed.

In "quip.class.php", the "cleanse" function needs a lot of work.

Temporary workaround: Uncomment line 453 in quip.class.php and add the line below as the first line of code in the function:

```php
$body = preg_replace('#(<[^>]+?[\x00-\x20"\'])(?:on|xmlns)[^>]*+>#iu', '$1>', $body);
```
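An added example, not Quip's code and not part of the reporter's comment: the workaround regex applied to constructed comment bodies, next to encoding the body on output with PHP's `htmlspecialchars()`, which is assumed here as an alternative the issue does not mention. The function names and sample strings are hypothetical.

```php
<?php
// Added example, not Quip's code. Function names and samples are hypothetical.

// The workaround from the issue: cut a tag off at its first on*/xmlns attribute.
function strip_event_attributes(string $body): string
{
    $pattern = '#(<[^>]+?[\x00-\x20"\'])(?:on|xmlns)[^>]*+>#iu';
    $result = preg_replace($pattern, '$1>', $body);
    // With the /u flag preg_replace() returns null on invalid UTF-8;
    // return an empty body instead of letting null flow onward.
    return $result ?? '';
}

// Assumed alternative: keep the stored text and encode it when rendering,
// so markup in a comment is displayed as text wherever it is viewed.
function encode_for_html(string $body): string
{
    return htmlspecialchars($body, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed sample comment bodies.
$samples = [
    'Nice write-up, thanks!',
    '<img src="avatar.png" onerror="demo()">',
    '<b onclick="demo()">bold</b> text',
    "broken \xC3\x28 bytes <i onload=\"demo()\">x</i>",
];

foreach ($samples as $body) {
    printf("input    : %s\n", $body);
    printf("stripped : %s\n", strip_event_attributes($body));
    printf("encoded  : %s\n\n", encode_for_html($body));
}
```

The regex only touches `on*` and `xmlns` attributes inside a tag, which is why the issue calls it temporary; the encoded form applies to the whole body regardless of which tag or attribute is present.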

vierkantemeter commented 9 years ago

+1 Unbelievable this is not patched yet....