FormBuilder submit error: XSS attempt!

Have a question or a suggestion about a 3rd party addon module or plugin?
Let us know here.
Post Reply
adikat
New Member
New Member
Posts: 4
Joined: Wed Dec 16, 2020 4:28 pm

FormBuilder submit error: XSS attempt!

Post by adikat »

All the forms on my site are showing an XSS attempt error on submission. They were working, not sure what changed to prevent them from working.

I have tried to remove cache and I removed the CSRF field from one of the forms but nothing changed.

CMSMS Version 2.2.15
CMSMailer 6.2.14
FormBuilder 1.1
Attachments
formbuilder.PNG
Top
smithdesign77
Forum Members
Forum Members
Posts: 25
Joined: Mon Jan 02, 2017 10:27 pm

Re: FormBuilder submit error: XSS attempt!

Post by smithdesign77 »

I only run into this when trying to resend the form (refresh page) or sending too often within short time periods (what happens while developing, but not regulary).
I came to the idea it could have issues with the cookies … especially the admin-cookies … because, when I used another Browser (developing with Firefox switching to Chrome or vice versa) in incognito mode, it worked every single time without a single error.

Hence the most important question was for me: Will the user run into an error too?
And as far I could tell: No, he probalby won't.
If I can avoid errors by browsing incognito, it'll probably work for the user too.

This new feature is probably really nice … however I'd really wish I could track the number of such errors.
While the URL is not different at all, and also I could not find any kind of adjustable content* where I could place an UDT (for example, to increment a number in a text file or set up a log) I thought this may be tricky to trust.

* Altering the translation file is maybe not best practise. Also I don't know if I could run PHP oder Smarty from a translation variable.
Top
User avatar
Jo Morg
Dev Team Member
Dev Team Member
Posts: 1924
Joined: Mon Jan 29, 2007 4:47 pm

Re: FormBuilder submit error: XSS attempt!

Post by Jo Morg »

I was finally able to reproduce this issue... it's fixed in SVN and I'll release the new version as soon as I have some time to cut it. Thanks.
"There are 10 types of people in this world, those who understand binary... and those who don't."
* by the way: English is NOT my native language (sorry for any mistakes...).
Code of Condut | CMSMS Docs | Help Support CMSMS
My developer Page on the Forge
GeekMoot 2015 in Ghent, Belgium: I was there!
GeekMoot 2016 in Leicester, UK: I was there!
DevMoot 2023 in Cynwyd, Wales: I was there!
Top
User avatar
master3395
Forum Members
Forum Members
Posts: 94
Joined: Mon Mar 30, 2015 7:13 am
Location: Norway

Re: FormBuilder submit error: XSS attempt!

Post by master3395 »

Jo Morg wrote: Thu Jan 07, 2021 8:54 pm I was finally able to reproduce this issue... it's fixed in SVN and I'll release the new version as soon as I have some time to cut it. Thanks.
Did you find any time to update this :)
I got the same issue on my end today.
Top
User avatar
timdebuurman
Power Poster
Power Poster
Posts: 891
Joined: Sun Nov 06, 2011 8:15 pm
Location: Deventer, Netherlands

Re: FormBuilder submit error: XSS attempt!

Post by timdebuurman »

Hi, I came across this issue today. Any idea on when the new release may come?
NextDoorMedia - Online Marketing Partner
https://www.nextdoormedia.nl
Top
User avatar
Rolf
Power Poster
Power Poster
Posts: 7825
Joined: Wed Apr 23, 2008 7:53 am
Location: The Netherlands
Contact:
Contact Rolf

Re: FormBuilder submit error: XSS attempt!

Post by Rolf »

I will do some more minor fixes and tests and will release a new version this week.
- + - + - + - + - + - + -
LATEST TUTORIAL AT CMS CAN BE SIMPLE:
Migrating Company Directory module to LISE
- + - + - + - + - + - + -
Image
Top
Post Reply

Return to “Modules/Add-Ons”