Cross Site Scripting (XSS) (http://en.wikipedia.org/wiki/Cross-site_scripting) is a security hole that allows evil-doers to inject code into a web page.
http://www.acunetix.com/cross-site-scripting/scanner.htm - Acunetix Scanner - free XSS scanner, does not allow saving of reports
http://kallahar.com/smallprojects/php_xss_filter_function. - RemoveXSS - PHP function that seems to solve the problem.
http://chesstst.eecs.berkeley.edu/pubs/search/ - running the scanner against this page found plenty of problems.
I tried modifying php/pubs/pubs.php so that we called the PHP htmlentities() function:
$keywords = htmlentities(getREQUESTValue('keywords'));
However, that did not work. What did work was adding RemoveXSS() to php/include/utils.inc.php and then modifying pubs.php:
$keywords = RemoveXSS(getREQUESTValue('keywords'));
Rerunning the scanner showed no vulnerabilities.
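As an added example (not code from this page, the CHESS site, or the Kallahar RemoveXSS function), here is the complementary defence to filtering the input: encode the untrusted value at the point where it is written into the page, with an encoder chosen for each output context (HTML text or attribute versus a JavaScript string). `getREQUESTValue` below is a stand-in for the page's helper of that name, and `escapeHtml`, `escapeJs` and `renderSearchForm` are hypothetical names; the probe string is constructed for the demonstration.

```php
<?php
// Added example, not the page's own code. Escapes an untrusted request value
// where it is written into HTML, with one encoder per output context.
// Assumption: getREQUESTValue() stands in for the page's helper of that name.

function getREQUESTValue(string $name): string
{
    return isset($_REQUEST[$name]) ? (string) $_REQUEST[$name] : '';
}

/** For text nodes and quoted attribute values. ENT_QUOTES covers both ' and ". */
function escapeHtml(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

/** For a value embedded in a JavaScript string literal inside <script>.
 *  JSON_HEX_TAG turns < and > into \u003C / \u003E, so a closing tag cannot be smuggled in. */
function escapeJs(string $value): string
{
    return json_encode(
        $value,
        JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_INVALID_UTF8_SUBSTITUTE
    );
}

/** Builds the search form, reflecting the keywords back in three different contexts. */
function renderSearchForm(string $keywords): string
{
    // Vulnerable form of the first line, for comparison (do not use):
    //   '<input name="keywords" value="' . $keywords . '">'
    return '<form method="get" action="">'
         . '<input type="text" name="keywords" value="' . escapeHtml($keywords) . '">'
         . '</form>'
         . '<p>Results for ' . escapeHtml($keywords) . '</p>'
         . '<script>var lastSearch = ' . escapeJs($keywords) . ';</script>';
}

if (PHP_SAPI === 'cli') {
    // Constructed probe: tries to close the value attribute and start a new element.
    $probe = '"><b>probe</b>';
    $html  = renderSearchForm($probe);
    echo $html, PHP_EOL;
    // The probe must survive only as inert text: no raw tag from it reaches the output.
    echo (strpos($html, '<b>probe</b>') === false ? 'OK: probe neutralised' : 'FAIL'), PHP_EOL;
} else {
    echo renderSearchForm(getREQUESTValue('keywords'));
}
```

Run from the command line (`php example.php`) it prints the rendered markup and a check that the probe appears only as `&lt;b&gt;probe&lt;/b&gt;` and `\u003Cb\u003Eprobe\u003C/b\u003E`. The design point is that the raw `$keywords` is kept for the search itself and encoding happens once per output location, so a page that reflects the same parameter into an attribute, a text node and a script block cannot miss one of them the way a single input-side filter can.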
Any page that has a form (field, checkbox, radio button, etc.) or any page that processes the URL to do something is at risk.
Pages that were ok:
http://chesstst.eecs.berkeley.edu/search/ - found not vulnerable to XSS with Acunetix
http://chesstst.eecs.berkeley.edu/ptolemy/wiki/ - Ptolemy wiki, uses PmWiki (http://www.pmwiki.org/) - partially checked with Acunetix, no problems.
Offhand, these publicly accessible pages have forms:
http://chesstst.eecs.berkeley.edu/pubs/search/ - found vulnerable with Acunetix, fixed with the simple fix above, but what about other things passed in URLs?
http://chesstst.eecs.berkeley.edu/people/directory/ - found vulnerable with Acunetix
http://chess.eecs.berkeley.edu/bugzilla - partially tested with Acunetix, no vulnerabilities found thus far
https://trustt.eecs.berkeley.edu:446/wise/apply/ (SecurIT, Superb and Wise applications, TRUST only) - found vulnerable with Acunetix. Note that testing generates hundreds of emails.
Pages that process URLs:
http://chesstst.eecs.berkeley.edu/chess/faq/?displaystyle=flat - found vulnerable with Acunetix
https://chesstst.eecs.berkeley.edu:444/chessj/resetpassword.jsp - changing password (JSP) - found vulnerable with Acunetix