Issue 36391: XSS in bugs.python.org 404 error page - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

This issue has been migrated to GitHub: https://github.com/python/cpython/issues/80572

classification

Title:	XSS in bugs.python.org 404 error page
Type:	security	Stage:	resolved
Components:	Documentation	Versions:

process

Status:	closed	Resolution:	third party
Dependencies:		Superseder:
Assigned To:	docs@python	Nosy List:	SilentGhost, hanno
Priority:	normal	Keywords:

Created on 2019-03-21 14:22 by hanno, last changed 2022-04-11 14:59 by admin. This issue is now closed.

Messages (2)
msg338543 - (view)	Author: Hanno Boeck (hanno) *	Date: 2019-03-21 14:22
There's an XSS on the 404 error page: https://bugs.python.org/%3Cimg%20src=x%20onerror=alert(1)%3E (For lack of a webpage / bug tracker category I chose "Documentation" as the closest category I could find)
msg338545 - (view)	Author: SilentGhost (SilentGhost) *	Date: 2019-03-21 14:38
Thanks for the report, Hanno. The active bugtracker for this instance seems to be available at https://github.com/python/bugs.python.org/issues (not that anything gets done there, but it won't be here either).

History
Date	User	Action	Args
2022-04-11 14:59:12	admin	set	github: 80572
2019-03-21 14:38:01	SilentGhost	set	status: open -> closed nosy: + SilentGhost, - docs@python messages: + msg338545 resolution: third party stage: resolved
2019-03-21 14:22:10	hanno	create