View Issue Details

ID: 13182
Project: Bug reports
Category: [All Projects] Security
View Status: public
Last Update: 2018-02-09 17:02
Reporter: cookiemonster
Assigned To: LouisGac
Priority: none
Severity: minor
Status: closed
Resolution: fixed
Product Version:
Target Version:
Fixed in Version: 3.1.x
Summary: 13182: Filter HTML for XSS affects variables in end message
Description

Filter HTML for XSS affects variables in end message
This affects all non-superadmin users with "Filter HTML for XSS" enabled (it works in questions and other fields though), so I assume it's a bug in that field?!

Steps To Reproduce

Create a link in the end message like:
http://whateverpage/{TOKEN:TOKEN}
After saving the changes, all that's left is:
{TOKEN:TOKEN}">

Tags: No tags attached.
Complete LimeSurvey version number (& build): Version 3.0.3+180112
I will donate to the project if issue is resolved: No
Browser: Firefox 57.0.4 (64-Bit)
Database & DB-Version: libmysql - 5.5.54
Server OS (if known): Ubuntu
Webserver software & version (if known): Apache/2.4.7
PHP Version: 5.5.9

Activities

c_schmitz (administrator), 2018-01-25 10:02, note ~46068

Normal link works?

cookiemonster (reporter), 2018-01-25 10:07, note ~46069

yep, redirect as well, just the variable isn't filled - it stays like: ?pageId={id} ...where {id} should be e.g. 123

LouisGac (manager), 2018-01-26 17:47, note ~46117

https://github.com/LimeSurvey/LimeSurvey/commit/4a8c0285161aa56c5dcec9f72e3bb9467d0e1b9a

c_schmitz (administrator), 2018-02-09 17:02, note ~46369

Version 3.3.0 released

Issue History

Date Modified | Username | Field | Change
2018-01-15 15:47 | cookiemonster | New Issue |
2018-01-25 10:02 | c_schmitz | Note Added: 46068 |
2018-01-25 10:07 | cookiemonster | Note Added: 46069 |
2018-01-26 17:47 | LouisGac | Assigned To | => LouisGac
2018-01-26 17:47 | LouisGac | Status | new => resolved
2018-01-26 17:47 | LouisGac | Resolution | open => fixed
2018-01-26 17:47 | LouisGac | Fixed in Version | => 3.1.x
2018-01-26 17:47 | LouisGac | Note Added: 46117 |
2018-02-09 17:02 | c_schmitz | Note Added: 46369 |
2018-02-09 17:02 | c_schmitz | Status | resolved => closed