Gossamer Forum: Gossamer Threads Inc.: Official Bug Fixes: Re: [Alba] [Links SQL 2.x/GLinks 3.0.0] Minor XSS Vulnerability (brewt)

Gossamer Threads

Home : Gossamer Threads Inc. : Official Bug Fixes :

Re: [Alba] [Links SQL 2.x/GLinks 3.0.0] Minor XSS Vulnerability

Apr 27, 2005, 1:08 AM

brewt

Staff (4101 posts)

Apr 27, 2005, 1:08 AM

Shortcut

Re: [Alba] [Links SQL 2.x/GLinks 3.0.0] Minor XSS Vulnerability In reply to

Pretty much the case. Because Gossamer Links doesn't escape all variables passed into the template parser (we would like to change this, but it would likely break a lot of plugins, templates, etc - most of our other products do it already), you need to do it in the template yourself when needed.

Adrian

Subject	Author	Views	Date
[Links SQL 2.x/GLinks 3.0.0] Minor XSS Vulnerability	brewt	61172	Apr 21, 2005, 2:03 PM

Post deleted by Alba	Alba	60148	Apr 22, 2005, 3:01 AM

Re: [Alba] [Links SQL 2.x/GLinks 3.0.0] Minor XSS Vulnerability	Andy	60117	Apr 22, 2005, 3:17 AM

Re: [brewt] [Links SQL 2.x/GLinks 3.0.0] Minor XSS Vulnerability	pugdog	60115	Apr 22, 2005, 6:55 AM

Re: [pugdog] [Links SQL 2.x/GLinks 3.0.0] Minor XSS Vulnerability	brewt	60103	Apr 22, 2005, 12:32 PM

Re: [brewt] [Links SQL 2.x/GLinks 3.0.0] Minor XSS Vulnerability	Alba	60061	Apr 26, 2005, 7:34 AM

Re: [Alba] [Links SQL 2.x/GLinks 3.0.0] Minor XSS Vulnerability	brewt	60034	Apr 26, 2005, 4:28 PM

Re: [brewt] [Links SQL 2.x/GLinks 3.0.0] Minor XSS Vulnerability	Alba	60030	Apr 27, 2005, 1:03 AM

Re: [Alba] [Links SQL 2.x/GLinks 3.0.0] Minor XSS Vulnerability	brewt	60085	Apr 27, 2005, 1:08 AM

Re: [brewt] [Links SQL 2.x/GLinks 3.0.0] Minor XSS Vulnerability	pugdog	60011	Apr 27, 2005, 6:46 AM

Re: [pugdog] [Links SQL 2.x/GLinks 3.0.0] Minor XSS Vulnerability	brewt	60027	Apr 27, 2005, 11:13 AM

Re: [brewt] [Links SQL 2.x/GLinks 3.0.0] Minor XSS Vulnerability	webmaster33	59987	Apr 28, 2005, 5:18 AM

Re: [brewt] [Links SQL 2.x/GLinks 3.0.0] Minor XSS Vulnerability	eljot	55778	May 5, 2008, 11:43 PM

Re: [eljot] [Links SQL 2.x/GLinks 3.0.0] Minor XSS Vulnerability	brewt	55703	May 5, 2008, 11:59 PM

Gossamer Threads is a Vancouver-based company with over 28 years experience in web technology. From development to hosting, we partner with leading organizations around the globe and help to build their web presences, strategies and infrastructures.

Let’s talk: 1-877-715-7676