MusicBrainz Server: MBS-11933

/oauth2/token doesn't validate the code parameter


    Details

    • Type: Bug
    • Status: Closed
    • Priority: Normal
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 2021-09-06
    • Component/s: None
    • Labels: None

      Description

      If you pass something like &code=27%22%00%3Cscript%3Ealert%281%29%3B%3C%2Fscript%3E you'll get

      LINE 1: ...editor_oauth_token WHERE authorization_code = any(E'{"27\\"'...
                                                                   ^
      DETAIL:  Unexpected end of input. [for Statement "SELECT id, editor, application, authorization_code, access_token, refresh_token, expire_time, scope, code_challenge, code_challenge_method FROM editor_oauth_token WHERE authorization_code = any(?)" with ParamValues: 1='{"27\"'] at lib/MusicBrainz/Server/Connector.pm line 50
      

      and the endpoint returns an HTML error page instead of a JSON response.
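      As an added illustration (not code from the MusicBrainz Server code base, which is Perl), a Python model of why the reported value fails and of the check that keeps such a value out of the query. The allowed-character pattern for a code, the array-literal encoding and the NUL truncation are assumptions chosen to reproduce the truncated ParamValues shown above; pg_array_param and token_endpoint are hypothetical helpers, and the invalid_grant JSON error is the response shape RFC 6749 specifies for a bad authorization code.

```python
import re
from urllib.parse import unquote

# Exact payload from the report, URL-decoded: 27"\x00<script>alert(1);</script>
REPORTED_CODE = unquote("27%22%00%3Cscript%3Ealert%281%29%3B%3C%2Fscript%3E")

# Assumption: an authorization code is a short string of URL-safe characters.
# The real format MusicBrainz issues is not stated in the ticket.
CODE_RE = re.compile(r"^[A-Za-z0-9_-]{1,255}$")


def pg_array_param(values):
    """Approximate the Postgres array literal built for `any(?)` from a list of
    strings: elements are double-quoted, with backslash and quote escaped.
    The result is then truncated at the first NUL, modelling the value being
    handed to the database driver as a C string (assumed; it reproduces the
    ParamValues 1='{"27\\"' shown in the report)."""
    quoted = []
    for v in values:
        quoted.append('"' + v.replace("\\", "\\\\").replace('"', '\\"') + '"')
    literal = "{" + ",".join(quoted) + "}"
    nul = literal.find("\x00")
    return literal if nul < 0 else literal[:nul]


def token_endpoint(params):
    """Hypothetical stand-in for the /oauth2/token code check.
    Returns (http_status, body_dict). A malformed code gets the RFC 6749
    JSON error before it reaches the query, instead of an HTML 500 page."""
    code = params.get("code", "")
    if not CODE_RE.fullmatch(code):
        return 400, {"error": "invalid_grant",
                     "error_description": "malformed authorization code"}
    # Only well-formed codes reach the database lookup.
    return 200, {"lookup_param": pg_array_param([code])}


if __name__ == "__main__":
    # The truncated literal from the report: {"27\"
    print(repr(pg_array_param([REPORTED_CODE])))
    print(token_endpoint({"code": REPORTED_CODE}))
    print(token_endpoint({"code": "abc123"}))
```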

            People

            Assignee: bitmap (Michael Wiencek)
            Reporter: bitmap (Michael Wiencek)