canvas-lms
XSS <style> Exploit using Https proxy
Summary:
Using an HTTPS proxy, you can send an XSS (kinda) in a discussions page using
Steps to reproduce:
- Start up your HTTPS proxy and connect to it
- Open up a discussions page and send or edit a message
- Intercept it with an HTTPS proxy and replace the text in the message with something that uses )
Expected behavior:
This not working
Actual behavior:
this working
Additional notes:
What are you expecting the solution to be here? If you're introducing a MITM that can alter content, I'm not sure there's much the application can do to protect against it. We already sanitize the content when it gets to our servers.
> What are you expecting the solution to be here? If you're introducing a MITM that can alter content, I'm not sure there's much the application can do to protect against it. We already sanitize the content when it gets to our servers.
Is it possible to scan the text for a string like "
Sorry if I'm being naive
> > What are you expecting the solution to be here? If you're introducing a MITM that can alter content, I'm not sure there's much the application can do to protect against it. We already sanitize the content when it gets to our servers.
>
> Is it possible to scan the text for a string like "
> Sorry if I'm being naive
I think it's actually very doable and I was able to reproduce this, so I don't see any reason for why this isn't being fixed.
+1, I can reproduce this, and when combined with iframes, you can easily display a fake login screen that mimics the real canvas login screen to capture user credentials.
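An added illustration, not part of the thread and not Canvas's own code: a request edited in a proxy never passes through the browser's editor, so the check that matters is the one run on the server. The sketch compares a substring scan of the kind asked about above with an allow-list filter built on Python's `html.parser`; the tag and attribute lists and the names `naive_scan` and `sanitize` are assumptions.

```python
from html import escape
from html.parser import HTMLParser

# Assumed allow-list for a discussion post (not Canvas's actual policy).
ALLOWED_TAGS = {"p", "b", "i", "em", "strong", "ul", "ol", "li", "br", "a"}
ALLOWED_ATTRS = {"a": {"href"}}
SAFE_SCHEMES = ("http://", "https://", "mailto:")
DROP_WITH_CONTENT = {"style", "script", "iframe"}  # drop the tags and their text

def naive_scan(body):  # substring check of the kind asked about; True = "clean"
    return "<style>" not in body

class AllowListSanitizer(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out = []
        self.drop_depth = 0  # > 0 while inside a dropped element

    def handle_starttag(self, tag, attrs):
        if tag in DROP_WITH_CONTENT:
            self.drop_depth += 1
        elif self.drop_depth == 0 and tag in ALLOWED_TAGS:
            kept = ""
            for name, value in attrs:
                ok_url = (value or "").strip().lower().startswith(SAFE_SCHEMES)
                if name in ALLOWED_ATTRS.get(tag, ()) and ok_url:
                    kept += f' {name}="{escape(value, quote=True)}"'
            self.out.append(f"<{tag}{kept}>")

    def handle_endtag(self, tag):
        if tag in DROP_WITH_CONTENT:
            self.drop_depth = max(0, self.drop_depth - 1)
        elif self.drop_depth == 0 and tag in ALLOWED_TAGS and tag != "br":
            self.out.append(f"</{tag}>")

    def handle_data(self, data):
        if self.drop_depth == 0:
            self.out.append(escape(data, quote=False))

def sanitize(body):
    parser = AllowListSanitizer()
    parser.feed(body)
    parser.close()
    return "".join(parser.out)

# Constructed sample: a post body as it might arrive after being edited in transit.
SAMPLE = ('<p>Week 3 notes</p><style media="all">body{display:none}</style>'
          '<iframe src="https://example.invalid/"></iframe>'
          '<a href="https://example.invalid/doc" onclick="x()">slides</a>')
```

The substring scan passes `SAMPLE` because the opening tag carries an attribute, while the allow-list filter removes the `style` and `iframe` elements and the `onclick` attribute without needing to recognise any particular spelling of them.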