Posted to dev@tika.apache.org by "Alex LI (JIRA)" <ji...@apache.org> on 2019/03/05 23:04:00 UTC

[jira] [Commented] (TIKA-2829) Security Vulnerability in boilerpipe (CVE-2018-16481)

    [ https://issues.apache.org/jira/browse/TIKA-2829?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16785003#comment-16785003 ] 

Alex LI commented on TIKA-2829:
-------------------------------

Hi Tim,

I saw this in an OWASP DependencyChecker report; this is what it reports:
||Dependency||CPE||GAV||Highest Severity||CVE Count||CPE Confidence||Evidence Count||
|[de.l3s.boilerpipe.boilerpipe-1.1.0.jar|http://owasp.dxdev.ibm.com:9080/data/scans/prod-authoring-cognitive_dependency-check-report.html#l4_f62cb75ed52455a9e68d1d05b84c500673340eb2]|cpe:/a:html-pages_project:html-pages:1.1.0|[de.l3s.boilerpipe:boilerpipe:1.1.0|https://search.maven.org/remotecontent?filepath=de/l3s/boilerpipe/boilerpipe/1.1.0/boilerpipe-1.1.0.jar] ✓|Medium|1|Low|22|

I think de.l3s.boilerpipe:boilerpipe:1.1.0 comes from Tika:

[info] de.l3s.boilerpipe:boilerpipe:1.1.0
[info]   +-org.apache.tika:tika-parsers:1.20


Regarding how the vulnerability works in action, please refer to:

[https://hackerone.com/reports/330356]

Regards,

Alex

> Security Vulnerability in boilerpipe (CVE-2018-16481)
> -----------------------------------------------------
>
>                 Key: TIKA-2829
>                 URL: https://issues.apache.org/jira/browse/TIKA-2829
>             Project: Tika
>          Issue Type: Bug
>          Components: parser
>    Affects Versions: 1.20
>            Reporter: Alex LI
>            Priority: Major
>
> org.apache.tika:tika-parsers:1.20 depends on boilerpipe, which the dependency reflections uses.
> [https://nvd.nist.gov/vuln/detail/CVE-2018-16481]
> h3. Current Description
> An XSS vulnerability was found in html-page <=2.1.1 that allows malicious Javascript code to be executed in the user's browser due to the absence of sanitization of the paths before rendering.
> ==========================
> [info] de.l3s.boilerpipe:boilerpipe:1.1.0
> [info]   +-org.apache.tika:tika-parsers:1.20



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)