Opened 10 years ago
Last modified 10 years ago
#23544 closed Bug
Escape backtick — at Initial Version
Reported by: | djbug | Owned by: | nobody |
---|---|---|---|
Component: | Uncategorized | Version: | dev |
Severity: | Normal | Keywords: | xss |
Cc: | | Triage Stage: | Unreviewed |
Has patch: | no | Needs documentation: | no |
Needs tests: | no | Patch needs improvement: | no |
Easy pickings: | no | UI/UX: | no |
Description
IE8 can suffer from XSS if backtick is left unescaped, as it can be used to switch out of the attribute. It should be added in django.utils.html.escape() if this is a serious security issue.
Source & related discussions:
https://cure53.de/fp170.pdf
https://html5sec.org/#102
http://lcamtuf.coredump.cx/postxss/
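To make the reporter's point concrete, here is an added example (not Django's code, not part of the ticket, and not what django.utils.html.escape() does): a minimal attribute-escaping helper that, unlike the conventional five-character HTML escape, also converts the backtick to its numeric character reference, plus a check that a backtick never survives in escaped output. The function names, the escape table and the sample value are constructed for this illustration.

```python
import html

# Conventional HTML escaping covers the five characters & < > " ' only;
# the standard library's html.escape(value, quote=True) is used as the
# reference for that behaviour.
def escape_conventional(value: str) -> str:
    return html.escape(str(value), quote=True)

# Hardened table for attribute values (constructed for this example): the
# same five characters plus the backtick, which the ticket notes IE8 can
# treat as an attribute delimiter when left unescaped.
_ATTR_TABLE = {
    "&": "&amp;",
    "<": "&lt;",
    ">": "&gt;",
    '"': "&quot;",
    "'": "&#x27;",
    "`": "&#x60;",
}

def escape_attr(value: str) -> str:
    """Single-pass escape using _ATTR_TABLE; one pass means '&' in the
    input is never re-escaped as part of a reference already emitted."""
    return "".join(_ATTR_TABLE.get(ch, ch) for ch in str(value))

def contains_unescaped_backtick(value: str) -> bool:
    """Defensive check to run over already-escaped attribute text."""
    return "`" in value

def render_attr(name: str, value: str) -> str:
    """Render name="value" with the hardened escaper applied to the value."""
    return f'{name}="{escape_attr(value)}"'

if __name__ == "__main__":
    sample = "O`Brien"  # constructed input containing a backtick
    conventional = escape_conventional(sample)
    hardened = escape_attr(sample)
    print("conventional:", conventional,
          "| backtick survives:", contains_unescaped_backtick(conventional))
    print("hardened:    ", hardened,
          "| backtick survives:", contains_unescaped_backtick(hardened))
    print(render_attr("title", sample))
```

The table-driven, single-pass design is what keeps `&` handling correct: each input character is looked up once, so `&amp;` is never produced from an `&` that the function itself emitted. `contains_unescaped_backtick` is the kind of assertion a template test suite can run over rendered attribute values to catch a regression if the escape table is ever narrowed again.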