2014-07-14, 06:46 PM
As posted on: https://github.com/mybb/mybb/issues/926
Just an example (line 8):
<input name="url" type="hidden" value="javascript:alert('XSS');" />
It will pop up an alert window if logged in; it is possible to sanitize it with:
if(!empty($mybb->input['url']) && my_strpos(basename($mybb->input['url']), 'member.php') === false && substr($mybb->input['url'], 0, 7) == "http://")
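
A scheme allow-list version of the check above, as an added example that is not part of the original post or of MyBB's code. It generalises the `http://` prefix test so that `https://` and relative targets are kept while `javascript:` and other schemes fall back to a default; the helper name `safe_redirect_url()`, the fallback page and the sample inputs are assumptions made for illustration.

```php
<?php
// Added example: hypothetical helper, not MyBB code.
// Returns $url if it is an acceptable redirect target, otherwise $fallback.
function safe_redirect_url(string $url, string $fallback = 'index.php'): string
{
    // Browsers drop tabs/newlines inside a URL and ignore leading control
    // characters and spaces, so normalise the same way before checking.
    $clean = preg_replace('/[\t\r\n]/', '', $url);
    $clean = ltrim($clean, "\x00..\x20");
    if ($clean === '') {
        return $fallback;
    }

    // Same idea as the post's basename() test: do not redirect to member.php.
    $path = (string) strtok($clean, '?#');
    if (stripos(basename($path), 'member.php') !== false) {
        return $fallback;
    }

    // A leading "scheme:" (RFC 3986 syntax) must be http or https.
    if (preg_match('/^([a-z][a-z0-9+.\-]*):/i', $clean, $m)) {
        if (!in_array(strtolower($m[1]), ['http', 'https'], true)) {
            return $fallback;            // javascript:, data:, vbscript:, ...
        }
        // Require "//host" after the scheme, so "http:foo" is refused.
        return preg_match('#^https?://[^/\\\\]#i', $clean) ? $clean : $fallback;
    }

    // No scheme: relative URL. Refuse "//host" and backslash variants,
    // which browsers treat as protocol-relative links to another site.
    if (preg_match('#^[/\\\\]{2}#', $clean)) {
        return $fallback;
    }
    return $clean;
}

// Constructed sample inputs, including the value from the post.
$samples = [
    "javascript:alert('XSS');", " JaVa\tScRiPt:alert(1)", 'data:text/html,x',
    '//example.invalid/', 'http://example.invalid/showthread.php?tid=1',
    'https://example.invalid/', 'forumdisplay.php?fid=2', 'member.php?action=login',
];
foreach ($samples as $in) {
    // Escape for the HTML attribute as a separate step from validation.
    $out = htmlspecialchars(safe_redirect_url($in), ENT_QUOTES, 'UTF-8');
    printf("%-46s => %s\n", json_encode($in), $out);
}
```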