• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Potential exploit in CSRF protection

I'm working on a site, and just started using the CSRF provided by CI. After enabling it, I've tested the site again with Acunetix Vulnerability Scanner. The result: a potential CSS attack.
Quote:The Cookie variable ci_csrf_token has been set to >">[removed]alert(409371738445);[removed].
Note: the [removed] bit is <_ScRiPt
> (without the _) and corresponding close tag.

On submit, it then echos the submitted CSRF_token, which breaks HTML. Shouldn't it be run through htmlspecialchars() or htmlentities()?

Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  

  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2021 MyBB Group.