Security Vulnerabilities Reported

FIXED wales.gov

XSS vulnerability through a search results page.

The search query is sent as a GET parameter and, although it is escaped correctly when echoed into the HTML search form, it is not escaped when it is embedded as a parameter in the pagination links. A crafted URL therefore causes script to run in the page. The pagination markup rendered for such a query looked like this:

<span class="page"><a href="/consultations/?status=closed&lang=en&amp;view=Search results&amp;sch=education"></a><script>alert()</script><span data="&amp;sessionid=9245882&amp;pageNum=1&amp;filter_year=all">1</a></span>
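The following is an added example, not code from the original report or from the affected site. It reproduces the defect class in a small pagination-link builder (the search term interpolated raw into an href) beside a fixed version that URL-encodes the query string and then HTML-escapes it for the attribute context, and it includes a parser-based check that counts `<script>` start tags in the output. The function names, the `MALICIOUS_QUERY` sample and the parameter set are constructed for illustration.

```python
"""Added example: reflected XSS in a pagination link, vulnerable vs. fixed."""
import html
from html.parser import HTMLParser
from urllib.parse import urlencode

# Constructed sample input: a search term that closes the <a> tag, injects a
# script element and reopens an element so the remaining markup still parses.
MALICIOUS_QUERY = 'education"></a><script>alert()</script><span data="'


def pagination_link_vulnerable(search, page_num, status="closed", lang="en"):
    """Mirrors the reported bug: the raw search term is dropped into the href."""
    return (
        f'<span class="page"><a href="/consultations/?status={status}'
        f'&lang={lang}&view=Search results&sch={search}&pageNum={page_num}">'
        f'{page_num}</a></span>'
    )


def pagination_link_fixed(search, page_num, status="closed", lang="en"):
    """Encodes for both contexts the value passes through: URL, then HTML attribute."""
    # 1. Percent-encode every query value, so '"', '<', '>' and '&' inside the
    #    search term can no longer terminate the attribute or open a tag.
    query = urlencode({
        "status": status,
        "lang": lang,
        "view": "Search results",
        "sch": search,
        "pageNum": int(page_num),
    })
    # 2. HTML-escape the assembled URL before placing it in the href attribute
    #    ('&' becomes '&amp;'; any remaining quote would become '&quot;').
    href = html.escape(f"/consultations/?{query}", quote=True)
    return f'<span class="page"><a href="{href}">{int(page_num)}</a></span>'


class _ScriptTagCounter(HTMLParser):
    """Counts <script> start tags as the HTML parser sees them."""

    def __init__(self):
        super().__init__()
        self.script_tags = 0

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.script_tags += 1


def count_script_tags(markup):
    """Return how many <script> elements a parser finds in the rendered markup."""
    parser = _ScriptTagCounter()
    parser.feed(markup)
    parser.close()
    return parser.script_tags


if __name__ == "__main__":
    for builder in (pagination_link_vulnerable, pagination_link_fixed):
        out = builder(MALICIOUS_QUERY, 1)
        print(f"{builder.__name__}: {count_script_tags(out)} script tag(s)")
        print("  " + out)
```

The fixed builder is deliberately two-layered: percent-encoding alone protects the URL grammar, and HTML escaping alone protects the attribute, but a value that travels through both contexts needs both, applied in that order. Checking the output with an HTML parser rather than a substring match is the more reliable regression test, because it reports what a browser would actually construct from the markup.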

Reported Fixed