View Issue Details

ID: 16401
Project: Bug reports
Category: Security
View Status: public
Last Update: 2020-12-30 19:27
Reporter: DenisChenu
Assigned To: DenisChenu
Priority: none
Severity: minor
Status: closed
Resolution: fixed
Product Version: 4.3.0
Fixed in Version: 4.3.2
Summary: 16401: Multiple self-stored XSS in printanswers
Description

A lot of "other" answers and comments are not encoded when output to the user.

Steps To Reproduce

1. Import the included survey
2. Launch with token TEST
3. Submit
4. Print answers: 6 XSS

Additional Information


Concept issue: when the whole printanswers view was updated, nothing was done against XSS.

If we had a test for this: the test was disabled since these were totally different pages.
Auto test limit here …
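The defect class in this report is missing output encoding of respondent-stored text ("other" free text and comments) when the print-answers view is rendered. The following is an added illustration, not LimeSurvey's own code: a constructed response record, a raw renderer that reproduces the problem, and an encoded renderer that shows the mitigation. The field names (`Q1other`, `Q2comment`) and the `renderRaw`/`renderEncoded`/`enc` helpers are assumptions made for this example; only the `-oth-` answer code comes from the page.

```php
<?php
// Added example (not LimeSurvey code). Constructed stored response: the "other" free text
// and the comment are respondent-controlled, so they are untrusted when rendered later.
$response = [
    'Q1'        => '-oth-',                          // answer code meaning "other" was chosen
    'Q1other'   => '<script>alert(1)</script>',       // free text stored by the respondent
    'Q2comment' => 'fine" onmouseover="alert(2)',     // comment on a multiple-choice item
];

// Vulnerable pattern (what the report describes): stored values are concatenated into HTML
// without encoding, in both element-content and attribute context.
function renderRaw(array $r): string
{
    return '<li>Other: ' . $r['Q1other'] . '</li>'
         . '<li title="' . $r['Q2comment'] . '">Comment</li>';
}

// Mitigation: encode every stored value at output time. ENT_QUOTES covers attribute context,
// ENT_SUBSTITUTE avoids returning an empty string on invalid UTF-8.
function enc(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

// Hardened renderer: only emit the "other" text when the answer code says "other" was chosen,
// and encode both the "other" text and the comment.
function renderEncoded(array $r): string
{
    $other = ($r['Q1'] === '-oth-') ? enc($r['Q1other']) : '';
    return '<li>Other: ' . $other . '</li>'
         . '<li title="' . enc($r['Q2comment']) . '">Comment</li>';
}

echo renderRaw($response), PHP_EOL;      // markup reaches the browser unchanged
echo renderEncoded($response), PHP_EOL;  // &lt;script&gt;...  and  fine&quot; onmouseover=&quot;...
```

In a Twig-based view the same effect comes from leaving autoescape on and never applying the `raw` filter to stored answer text; a regression test for this class of bug submits a marker string through the survey and asserts that the print-answers page contains only its encoded form.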

Tags: No tags attached.
Bug heat: 254
Complete LimeSurvey version number (& build): 4.3.0
I will donate to the project if issue is resolved: No
Browser: not relevant
Database type & version: not relevant
Server OS (if known): not relevant
Webserver software & version (if known): not relevant
PHP Version: not relevant


Activities

DenisChenu (developer), 2020-06-18 18:20, ~58340

Need printanswer working to fix it in 4.X

DenisChenu (developer), 2020-06-18 18:22, ~58342

(file attached: survey_archive_XSSprintanswers.lsa)

DenisChenu (developer), 2020-07-02 08:56, ~58630

OK fixed :)

cdorin (reporter), 2020-12-30 19:27, ~61349

fixed in 4.4.0 rc1

Related Changesets

LimeSurvey: master c2e0ba14, 2020-06-18 18:34:57, DenisChenu

Fixed issue [security] 16396: Multiple self-stored XSS in printanswer
Dev: Add answercode for testing if other (-oth-)
Dev: fix other : single choice and multiple choice
Dev: div fix comments on multiple with comments
Dev: list with comment not fixed (comment are not shown …)
Dev: cherry-picked, no way to control
# Conflicts:
# application/models/SurveyDynamic.php
Affected Issues: 16401

Modified files:
mod - application/models/SurveyDynamic.php
mod - themes/survey/vanilla/views/subviews/printanswers/question_types/template_list-dropdown.twig
mod - themes/survey/vanilla/views/subviews/printanswers/question_types/template_list-radio.twig
mod - themes/survey/vanilla/views/subviews/printanswers/question_types/template_multiple-opt-comments.twig
mod - themes/survey/vanilla/views/subviews/printanswers/question_types/template_multiple-opt.twig

Issue History

Date Modified Username Field Change
2020-06-18 18:18 DenisChenu New Issue
2020-06-18 18:18 DenisChenu Status new => assigned
2020-06-18 18:18 DenisChenu Assigned To => DenisChenu
2020-06-18 18:18 DenisChenu Issue generated from: 16396
2020-06-18 18:19 DenisChenu Assigned To DenisChenu =>
2020-06-18 18:19 DenisChenu Status assigned => feedback
2020-06-18 18:19 DenisChenu Complete LimeSurvey version number (& build) 3.22.20 => 4.3.0
2020-06-18 18:20 DenisChenu Relationship added child of 15907
2020-06-18 18:20 DenisChenu Note Added: 58340
2020-06-18 18:20 DenisChenu Status feedback => new
2020-06-18 18:22 DenisChenu Note Added: 58342
2020-06-18 18:22 DenisChenu File Added: survey_archive_XSSprintanswers.lsa
2020-06-18 18:22 DenisChenu Status new => feedback
2020-06-18 18:35 DenisChenu Changeset attached => LimeSurvey master c2e0ba14
2020-07-02 08:52 DenisChenu Relationship deleted child of 15907
2020-07-02 08:53 DenisChenu Assigned To => DenisChenu
2020-07-02 08:53 DenisChenu Status feedback => assigned
2020-07-02 08:56 DenisChenu Note Added: 58630
2020-07-02 08:56 DenisChenu File Added: Capture d’écran du 2020-07-02 08-56-22.png
2020-07-02 08:56 DenisChenu Status assigned => resolved
2020-07-02 08:56 DenisChenu Resolution open => fixed
2020-07-02 08:56 DenisChenu Fixed in Version => 4.3.2
2020-12-30 19:27 cdorin Note Added: 61349
2020-12-30 19:27 cdorin Status resolved => closed