Compare commits
2 commits
e44dd61d08...ed3f58a260
Author | SHA1 | Date
---|---|---
Michael Hope | ed3f58a260 |
Michael Hope | 39894e508a |
@ -10,7 +10,7 @@ categories:
---
A certain website had a few vuneribilities including XSS and leaking passwords. The fixes were:
* The <script> tag was turned on for pending users. Configure off.  All other users get their tags filtered against a safe list
* The `<script>` tag was turned on for pending users. Configure off.  All other users get their tags filtered against a safe list
* The superuser always skips the filter and sees all tags. Â I can’t fix this, but I’ve changed the cookie so that its not useful to a cookie catcher
* The ‘password’ in the cookie was just a hash of the password. It is now a hash of the password, the IP address of the client, and a secret.  A leaked password should only be usable from the same IP
* The ‘password’ field has been removed from all forms and replaced with cookie based authentication
* The ‘password’ field has been removed from all forms and replaced with cookie based authentication
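Review bot: the second change in this hunk (the two "‘password’ field" lines at the end) reads identically on both sides in the rendered view, so it is most likely a whitespace or quote-character change; worth confirming it is intentional, since an invisible edit adds noise to the file's history. While this paragraph is being touched anyway, the context lines still carry "vuneribilities" (should be "vulnerabilities") in the intro sentence and "its not useful" (should be "it's") in the superuser bullet, and the stray "Â" before "I can’t" in that same bullet looks like a mis-encoded non-breaking space; the fix applied to the `<script>` bullet (wrapping the literal tag in backticks so the markdown renderer shows it rather than interpreting it) could be combined with those cleanups in the same commit.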