Gossamer Forum: Gossamer Threads Inc.: Official Bug Fixes: Re: [Alba] [Links SQL 2.x/GLinks 3.0.0] Minor XSS Vulnerability (brewt)

Gossamer Threads

Home : Gossamer Threads Inc. : Official Bug Fixes :

Re: [Alba] [Links SQL 2.x/GLinks 3.0.0] Minor XSS Vulnerability

Apr 27, 2005, 1:08 AM

brewt

Staff (4101 posts)

Apr 27, 2005, 1:08 AM

Shortcut

Re: [Alba] [Links SQL 2.x/GLinks 3.0.0] Minor XSS Vulnerability In reply to

Pretty much the case. Because Gossamer Links doesn't escape all variables passed into the template parser (we would like to change this, but it would likely break a lot of plugins, templates, etc - most of our other products do it already), you need to do it in the template yourself when needed.

Adrian

Subject	Author	Views	Date
[Links SQL 2.x/GLinks 3.0.0] Minor XSS Vulnerability	brewt	60687	Apr 21, 2005, 2:03 PM

Post deleted by Alba	Alba	59664	Apr 22, 2005, 3:01 AM

Re: [Alba] [Links SQL 2.x/GLinks 3.0.0] Minor XSS Vulnerability	Andy	59634	Apr 22, 2005, 3:17 AM

Re: [brewt] [Links SQL 2.x/GLinks 3.0.0] Minor XSS Vulnerability	pugdog	59630	Apr 22, 2005, 6:55 AM

Re: [pugdog] [Links SQL 2.x/GLinks 3.0.0] Minor XSS Vulnerability	brewt	59620	Apr 22, 2005, 12:32 PM

Re: [brewt] [Links SQL 2.x/GLinks 3.0.0] Minor XSS Vulnerability	Alba	59577	Apr 26, 2005, 7:34 AM

Re: [Alba] [Links SQL 2.x/GLinks 3.0.0] Minor XSS Vulnerability	brewt	59550	Apr 26, 2005, 4:28 PM

Re: [brewt] [Links SQL 2.x/GLinks 3.0.0] Minor XSS Vulnerability	Alba	59548	Apr 27, 2005, 1:03 AM

Re: [Alba] [Links SQL 2.x/GLinks 3.0.0] Minor XSS Vulnerability	brewt	59603	Apr 27, 2005, 1:08 AM

Re: [brewt] [Links SQL 2.x/GLinks 3.0.0] Minor XSS Vulnerability	pugdog	59526	Apr 27, 2005, 6:46 AM

Re: [pugdog] [Links SQL 2.x/GLinks 3.0.0] Minor XSS Vulnerability	brewt	59543	Apr 27, 2005, 11:13 AM

Re: [brewt] [Links SQL 2.x/GLinks 3.0.0] Minor XSS Vulnerability	webmaster33	59506	Apr 28, 2005, 5:18 AM

Re: [brewt] [Links SQL 2.x/GLinks 3.0.0] Minor XSS Vulnerability	eljot	55295	May 5, 2008, 11:43 PM

Re: [eljot] [Links SQL 2.x/GLinks 3.0.0] Minor XSS Vulnerability	brewt	55221	May 5, 2008, 11:59 PM

Gossamer Threads is a Vancouver-based company with over 28 years experience in web technology. From development to hosting, we partner with leading organizations around the globe and help to build their web presences, strategies and infrastructures.

Let’s talk: 1-877-715-7676