I can’t tell if this is spam.
To the author: The function you reference is part of a PHP codebase but the pages and functions you reference would seem to be written JSP, or at very least in other code that uses InitCaps() instead of underscore_names() for function names.
The value you reference is the URI requested by the user. Can you provide an example of an XSS attack, especially one that would affect a third party?
Our scanning tool generated those .js files, but the vulnerability still exists. See another part of the code that needs fix. ANy help?
….
136. $domain = strtolower( $_POST[ ‘domain’ ] );
….
155. $wpdb->query( $wpdb->prepare( “UPDATE {$wpdb->dmtable} SET blog_id
= %d, domain = %s, active = %d WHERE domain = %s”, $_POST[ ‘blog_id’ ],
$domain, $_POST[ ‘active’ ], $_POST[ ‘orig_domain’ ] ) );
The line numbers don’t match the latest build that I’m using but the $wpdb->prepare() method in line 155 does the escaping.
See here: http://codex.wordpress.org/Class_Reference/wpdb#Protect_Queries_Against_SQL_Injection_Attacks
Let me check. Can you tell me how to protect the $_SERVER[ ‘REQUEST_URI’ ] value from getting attacked? THANKS A LOT
header( “Location: {$url}{$_SERVER[ ‘REQUEST_URI’ ]}”, true,
$redirect );
Can you explain how this might be used in an attack? The result is sending a redirect response to the requester.
If an “attacker” had control over the URL being chosen then they could just as easily have specified the final URL that this method would return.
Simply because user input isn’t run through an escaping function doesn’t make it vulnerable. It’s good that you’re checking for these things but it would be helpful to provide a viable scenario.
Ok. I have downloaded the latest version and the scanner didn’t report any issues. Thanks for all ur help. Really appreciate it.
You’re welcome! Thanks for checking and sorry for thinking you were spam. 😀
Please mark as resolved if appropriate, thanks!
