Hi again
We have gotten reports of XSS injection threats in the code of EasySocial and EasyBlog:
1. I can inject this into a blog post - the Data URI will
inherit the origin from the website, and allow XSS:
<a href="data:text/html,FAIL">data URI</a>
This is EasyBlog.
Solution is to deny all data URIs.
2. When signing up for an account, use this as the "state"
field:
">test11<img src=x onerror=alert(1)>
When other users view your profile (https://oursite.com/unity/profile/YOURNAME) the script runs. XSS.
So my question is: how can we fix this as fast as possible?
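
One way to apply both fixes from the report above, as an added example that is not part of the original post and is not EasyBlog or EasySocial code: a scheme allowlist for links (which denies data: URIs) and output escaping for profile fields such as "state". The helper names are hypothetical and the base URL is the oursite.com address from the post; the same checks would sit in the server-side code that renders posts and profiles.

```javascript
// Added example: hypothetical helpers, not EasyBlog/EasySocial code.
const ALLOWED_SCHEMES = new Set(["http:", "https:", "mailto:"]);
const SITE_BASE = "https://oursite.com/"; // site address as given in the post

// Returns a normalised, safe href, or null when the link must be dropped.
// The WHATWG URL parser normalises case, whitespace and control characters
// before the scheme is read, so the check sees the scheme the browser sees.
function safeHref(raw, base = SITE_BASE) {
  let url;
  try {
    url = new URL(String(raw), base);
  } catch {
    return null; // unparseable input is rejected rather than guessed at
  }
  // Allowlist, not blocklist: data:, javascript:, vbscript: etc. all fail here.
  return ALLOWED_SCHEMES.has(url.protocol) ? url.href : null;
}

const ESCAPES = {
  "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;",
};

// Escape a user-supplied value for HTML text or a quoted attribute value.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (c) => ESCAPES[c]);
}

// Render a profile field (e.g. "state") so stored markup stays inert text.
function renderProfileField(label, value) {
  return `<dt>${escapeHtml(label)}</dt><dd>${escapeHtml(value)}</dd>`;
}

// Render a blog link; a disallowed scheme loses its href but keeps its text.
function renderLink(href, text) {
  const safe = safeHref(href);
  return safe === null
    ? `<span>${escapeHtml(text)}</span>`
    : `<a href="${escapeHtml(safe)}" rel="noopener">${escapeHtml(text)}</a>`;
}
```

Escaping has to happen at output time on every page that shows the field, because values already stored in the database from earlier sign-ups are not cleaned by adding input validation alone.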