[Pkg-javascript-devel] Bug#698333: drupal6: SA-CORE-2013-001 - Drupal core - Multiple vulnerabilities
Steven Chamberlain
steven at pyro.eu.org
Sun Jan 20 17:03:43 UTC 2013
Control: affects -1 drupal6-mod-views/2.16-1
Hi,
I found another occurrence of this bug in drupal6-mod-views - the
protection added to Drupal 6.28 (in misc/drupal.js) should fix it though:
http://codesearch.debian.net/search?q=\%24\%28location\.hash\%29
This is quite a common exposure due to JQuery's use of $() as shorthand
for "find element matching this ID" or "insert this HTML into the DOM
(even <script> elements)"...
Some non-Drupal packages were mentioned there too, but:
* pebl - only affects the offline HTML docs; the affected code (for the
tabs on tutorial/example1-result/) doesn't work properly anyway;
* zine - uses the libjs-jquery package, and the Wheezy version is safe;
* jpoker - has vulnerable code in its embedded version of ui.tabs.js,
but doesn't seem to use it at all;
* cardstories - I didn't see a way to trigger the vulnerable code which
is in observeHash(), but can't rule it out.
Regards,
--
Steven Chamberlain
steven at pyro.eu.org
More information about the Pkg-javascript-devel
mailing list