classification
Title: XSS in bugs.python.org 404 error page
Type: security Stage: resolved
Components: Documentation Versions:
process
Status: closed Resolution: third party
Dependencies: Superseder:
Assigned To: docs@python Nosy List: SilentGhost, hanno
Priority: normal Keywords:

Created on 2019-03-21 14:22 by hanno, last changed 2019-03-21 14:38 by SilentGhost. This issue is now closed.

Messages (2)
msg338543 - (view) Author: Hanno Boeck (hanno) * Date: 2019-03-21 14:22
There's an XSS on the 404 error page:

https://bugs.python.org/%3Cimg%20src=x%20onerror=alert(1)%3E

(For lack of a webpage / bug tracker category I chose "Documentation" as the closest category I could find)
msg338545 - (view) Author: SilentGhost (SilentGhost) * (Python triager) Date: 2019-03-21 14:38
Thanks for the report, Hanno. The active bugtracker for this instance seems to be available at https://github.com/python/bugs.python.org/issues (not that anything gets done there, but it won't be here either).
History
Date User Action Args
2019-03-21 14:38:01SilentGhostsetstatus: open -> closed
nosy: + SilentGhost, - docs@python
messages: + msg338545

resolution: third party
stage: resolved
2019-03-21 14:22:10hannocreate