Gossamer Forum: Gossamer Threads Inc.: Official Bug Fixes: Re: [Alba] [Links SQL 2.x/GLinks 3.0.0] Minor XSS Vulnerability (brewt)

Gossamer Threads

Home : Gossamer Threads Inc. : Official Bug Fixes :

Re: [Alba] [Links SQL 2.x/GLinks 3.0.0] Minor XSS Vulnerability

Apr 27, 2005, 1:08 AM

brewt

Staff (4101 posts)

Apr 27, 2005, 1:08 AM

Shortcut

Re: [Alba] [Links SQL 2.x/GLinks 3.0.0] Minor XSS Vulnerability In reply to

Pretty much the case. Because Gossamer Links doesn't escape all variables passed into the template parser (we would like to change this, but it would likely break a lot of plugins, templates, etc - most of our other products do it already), you need to do it in the template yourself when needed.

Adrian

Subject	Author	Views	Date
[Links SQL 2.x/GLinks 3.0.0] Minor XSS Vulnerability	brewt	60716	Apr 21, 2005, 2:03 PM

Post deleted by Alba	Alba	59694	Apr 22, 2005, 3:01 AM

Re: [Alba] [Links SQL 2.x/GLinks 3.0.0] Minor XSS Vulnerability	Andy	59663	Apr 22, 2005, 3:17 AM

Re: [brewt] [Links SQL 2.x/GLinks 3.0.0] Minor XSS Vulnerability	pugdog	59660	Apr 22, 2005, 6:55 AM

Re: [pugdog] [Links SQL 2.x/GLinks 3.0.0] Minor XSS Vulnerability	brewt	59649	Apr 22, 2005, 12:32 PM

Re: [brewt] [Links SQL 2.x/GLinks 3.0.0] Minor XSS Vulnerability	Alba	59607	Apr 26, 2005, 7:34 AM

Re: [Alba] [Links SQL 2.x/GLinks 3.0.0] Minor XSS Vulnerability	brewt	59579	Apr 26, 2005, 4:28 PM

Re: [brewt] [Links SQL 2.x/GLinks 3.0.0] Minor XSS Vulnerability	Alba	59578	Apr 27, 2005, 1:03 AM

Re: [Alba] [Links SQL 2.x/GLinks 3.0.0] Minor XSS Vulnerability	brewt	59633	Apr 27, 2005, 1:08 AM

Re: [brewt] [Links SQL 2.x/GLinks 3.0.0] Minor XSS Vulnerability	pugdog	59555	Apr 27, 2005, 6:46 AM

Re: [pugdog] [Links SQL 2.x/GLinks 3.0.0] Minor XSS Vulnerability	brewt	59573	Apr 27, 2005, 11:13 AM

Re: [brewt] [Links SQL 2.x/GLinks 3.0.0] Minor XSS Vulnerability	webmaster33	59536	Apr 28, 2005, 5:18 AM

Re: [brewt] [Links SQL 2.x/GLinks 3.0.0] Minor XSS Vulnerability	eljot	55324	May 5, 2008, 11:43 PM

Re: [eljot] [Links SQL 2.x/GLinks 3.0.0] Minor XSS Vulnerability	brewt	55251	May 5, 2008, 11:59 PM

Gossamer Threads is a Vancouver-based company with over 28 years experience in web technology. From development to hosting, we partner with leading organizations around the globe and help to build their web presences, strategies and infrastructures.

Let’s talk: 1-877-715-7676