XSS On meta tags in profile page

• Title: XSS On meta tags in profile page
• Types: Cross-Site Scripting (XSS), Unvalidated / Open Redirect
• Link: https://hackerone.com/reports/159984
• Date: 2016-08-17 03:37:30 -0500
• By: plazmaz

Details:

The profile page (https://gitlab.com/u/) does not properly sanitize quotation marks, allowing for injection of attributes into the meta tags. This allows for redirection to phishing sites and other various nefarious things. I've managed to get my profile page to redirect to Bing by setting my bio to 0;url=http://www.bing.com" http-equiv="refresh

Reassigned to @rspeicher

Related: https://gitlab.com/gitlab-org/gitlab-ce/issues/21025

mentioned in commit 01fc7633

mentioned in merge request !5873 (merged)

Status changed to closed by merge request !5873 (merged)

mentioned in commit 0ff39331

mentioned in commit e26ce27d

mentioned in commit 8b21b00f

mentioned in commit gitlab-com/www-gitlab-com@145aa96c

Made the issue visible

Mentioned in commit pfjason/gitlab-ce@0ff39331

Mentioned in commit pfjason/gitlab-ce@8b21b00f

mentioned in commit test-nick/gitlab-ce@6079142b

mentioned in commit test-nick/gitlab-ce@4abc3509

mentioned in commit test-nick/gitlab-ce@f96a9e46

mentioned in merge request !14785