  1. Confluence Data Center
  2. CONFSERVER-8846

Input for Labels is not properly validated

Details

    Description

      The input from "Add Labels" text box is not properly validated. There are two major flaws:
      1) the string length is not validated - if the string is longer than 255 characters, an error message is displayed: "[41a] Error connecting to the server. The labels have not been updated."

      2) the input is not properly escaped and lets HTML pass through - "<" and ">" are allowed characters (why?!?!?) and are not even being properly escaped - this makes it super easy to modify the DOM structure and modify the look of the site. See http://confluence.atlassian.com/display/TEST/Label+Validation+Problem for examples. Only the fact that ":" and "(" are not allowed characters makes it difficult to use this hole for an XSS exploit - but the possibility of finding a way to create an XSS exploit using this hole still exists.

      Suggested fix:
      1) add length validation
      2) there are two ways to fix the second issue
      a) add "<" and ">" as well as "\" and "/" among forbidden characters
      b) encode the string using html entities (http://www.w3schools.com/tags/ref_entities.asp)
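
An added example (not part of the original report and not Confluence code) showing the suggested fixes as server-side checks: length validation, the extended forbidden-character list from 2a, and entity encoding on output from 2b. Function names are hypothetical, and treating the 255 limit as a count of code points is an assumption.

```javascript
// Added example with hypothetical helper names; not Confluence's own code.
const MAX_LABEL_LENGTH = 255; // limit named in the report
// ":" and "(" are already rejected per the report; fix 2a adds < > \ /
const FORBIDDEN = new Set([":", "(", "<", ">", "\\", "/"]);
const HTML_ENTITIES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };

// Fix 2b: encode on output so a label is always rendered as text, never markup.
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ENTITIES[ch]);
}

// Fixes 1 and 2a: validate on the server before the label is stored.
function validateLabel(raw) {
  if (typeof raw !== "string") return { ok: false, error: "Label must be a string." };
  const label = raw.trim();
  const chars = Array.from(label); // code points (assumed unit for the limit)
  if (chars.length === 0) return { ok: false, error: "Label is empty." };
  if (chars.length > MAX_LABEL_LENGTH) {
    return { ok: false, error: `Label is ${chars.length} characters; the maximum is ${MAX_LABEL_LENGTH}.` };
  }
  const bad = [...new Set(chars.filter((ch) => FORBIDDEN.has(ch)))];
  if (bad.length > 0) {
    // This message echoes user input, so it must be escaped when displayed too.
    return { ok: false, error: `Label contains forbidden characters: ${bad.join(" ")}` };
  }
  return { ok: true, label };
}

// Escape at render time even for validated labels: labels stored before
// validation existed may still contain markup.
function renderLabels(labels) {
  return labels.map((l) => `<li class="label">${escapeHtml(l)}</li>`).join("");
}

// Constructed sample inputs.
for (const sample of ["release-notes", "a".repeat(256), "</div><h1>big"]) {
  const r = validateLabel(sample);
  console.log(r.ok ? `accepted: ${r.label}` : `rejected: ${r.error}`);
}
console.log(renderLabels(["release-notes", "<i>legacy"]));
```

Returning a specific validation error for over-long input replaces the generic "[41a] Error connecting to the server" message with one the user can act on.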

          People

            christopher.owen@atlassian.com Christopher Owen [Atlassian]
            15d9a6950818 Igor Minar
              Time Tracking

                Original Estimate: 1h
                Remaining Estimate: 1h
                Time Spent: Not Specified