Open oleg-asana opened 8 years ago
When creating a node with a name that contains html tags, the result is escaped incorrectly. For example, a node named

```
<h1>test
```

is rendered as

```
<a href="/node?path=/path/to/<h1>test"><h1>test</a></li>
```

which has two problems:

- the content of href is html escaped, while it should be URI escaped (with a %)
- the link text is not escaped at all, giving an XSS vector (see https://www.owasp.org/index.php/Cross-site_Scripting_(XSS) )
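The two escaping contexts the report describes, as an added example that is not part of the original issue or the project's code: `nodeLink`, `nodeLinkUnsafe`, `escapeHtml` and the parent path `/path/to` are names and values assumed here, and the node name `<h1>test` is the one from the report.

```javascript
// Added example (not the project's code): render a tree-node link with each
// value encoded for the context it lands in. Names and paths are assumed.

// HTML entity escaping for text nodes and attribute values.
function escapeHtml(s) {
  return String(s).replace(/[&<>"']/g, (c) => ({
    '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;',
  }[c]));
}

// Rendering pattern the report describes: the href gets HTML escaping
// (wrong encoder for a URL) and the link text gets no escaping at all,
// so a name such as "<h1>test" becomes live markup.
function nodeLinkUnsafe(parentPath, name) {
  const path = parentPath + '/' + name;
  return `<a href="/node?path=${escapeHtml(path)}">${name}</a>`;
}

// Corrected rendering: percent-encode each path segment for the URL, then
// HTML-escape both the attribute value and the visible text.
function nodeLink(parentPath, name) {
  const encodedPath = parentPath.split('/').map(encodeURIComponent).join('/')
    + '/' + encodeURIComponent(name);
  const href = '/node?path=' + encodedPath;
  return `<a href="${escapeHtml(href)}">${escapeHtml(name)}</a>`;
}

// Constructed input taken from the report.
const sampleName = '<h1>test';
console.log(nodeLinkUnsafe('/path/to', sampleName));
console.log(nodeLink('/path/to', sampleName));
```

Any `<`, `&` or quote in the name now reaches the browser only as `%3C`, `&lt;` and friends, so the same node name is shown literally instead of parsed as markup.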