MODx Bug/Feature Tracker and Feature Requests
Welcome to the MODx CMS Tracker. Please choose the appropriate project from the drop down menu and provide as much information as possible regarding your server environment and browser. Thanks!
FS#988 — possible XSS in Search Highlighting Plugin
| Task Type | Bug Report |
|---|---|
| Category | Core Distribution |
| Status | Closed |
| Assigned To |
Mike Reid (pixelchutes) |
| Operating System | All |
| Severity | Low |
|---|---|
| Priority | Normal |
| Reported Version | 0.9.6 |
| Due in Version | Undecided |
| Due Date | Undecided |
| Percent Complete |
|
Details
examplehttp://demo.opensourcecms.com/modx/?searched=MODx&highlight=%22%20style=color:blue;font-size:50px
This task depends upon
This task blocks these from closing
Closed by Mike Reid (pixelchutes)
Wednesday, 23 January 2008, 12:49PM
Reason for closing: Fixed
Additional comments about closing: (Corrected as of MODx revision 3303)
Wednesday, 23 January 2008, 12:49PM
Reason for closing: Fixed
Additional comments about closing: (Corrected as of MODx revision 3303)
Comment by Mike Reid (pixelchutes) -
Wednesday, 23 January 2008, 12:48PM
This bug has been confirmed and corrected as of MODx revision 3303. $_GET parameters were not being properly escaped.