Posted to dev@sling.apache.org by "Robert Munteanu (Jira)" <ji...@apache.org> on 2022/07/18 12:13:00 UTC

[jira] [Closed] (SLING-11438) Resource path consisting of %7D with multiple dots leads to path traversal

     [ https://issues.apache.org/jira/browse/SLING-11438?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Robert Munteanu closed SLING-11438.
-----------------------------------

> Resource path consisting of %7D with multiple dots leads to path traversal
> --------------------------------------------------------------------------
>
>                 Key: SLING-11438
>                 URL: https://issues.apache.org/jira/browse/SLING-11438
>             Project: Sling
>          Issue Type: Bug
>          Components: Engine
>    Affects Versions: Engine 2.9.0
>            Reporter: Sagar Miglani
>            Assignee: Karl Pauls
>            Priority: Major
>             Fix For: Engine 2.9.2
>
>          Time Spent: 2h 10m
>  Remaining Estimate: 0h
>
> With the changes of SLING-10225, sling-engine started considering requests consisting of a resource path with %5B ([) and multiple dots as "Invalid", as it could lead to path traversal and exposure of repository content.
> But the same could happen with %7D (}) with multiple dots in the request resource path.
> e.g.: http://<HOST>:<PORT>/content/we-retail/us/en/experience.html/.%7D./.%7D./.1.json would lead to exposure of repository content stored at /content/we-retail/us
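As an added example (not code from the Sling engine or from the issue reporter), a request-path check of the kind the description asks for: percent-decode each path segment once and reject any segment that mixes `[` or `}` with two or more dots. The segment rule and the character set are assumptions modelled on the two cases the issue names; because dots are counted after decoding, it also covers `%2E`-encoded dots, which goes beyond the literal report.

```python
from urllib.parse import unquote, urlsplit

# Characters the issue names as dangerous when combined with multiple dots.
# Assumption: the engine's real rule may cover more; these two come from
# SLING-10225 (%5B) and SLING-11438 (%7D).
SUSPICIOUS_CHARS = frozenset("[}")


def suspicious_segments(url_or_path: str) -> list:
    """Return the decoded path segments that mix a suspicious character
    with two or more dots.

    Accepts either a bare request path or a full URL; only the path part is
    inspected. Each segment is percent-decoded exactly once before checking,
    so ".%7D." becomes ".}." and "%7D%2E%2E" becomes "}..".
    """
    path = urlsplit(url_or_path).path
    flagged = []
    for raw_segment in path.split("/"):
        segment = unquote(raw_segment)
        has_many_dots = segment.count(".") >= 2
        has_suspicious_char = any(c in SUSPICIOUS_CHARS for c in segment)
        if has_many_dots and has_suspicious_char:
            flagged.append(segment)
    return flagged


def is_valid_request_path(url_or_path: str) -> bool:
    """True when no segment matches the pattern the issue describes.

    Ordinary Sling selectors such as "page.selector.html" have several dots
    but no suspicious character, so they remain valid.
    """
    return not suspicious_segments(url_or_path)


if __name__ == "__main__":
    # Constructed inputs: the path from the issue and a benign sibling.
    reported = "/content/we-retail/us/en/experience.html/.%7D./.%7D./.1.json"
    benign = "/content/we-retail/us/en/experience.html"
    print(reported, "->", "invalid" if not is_valid_request_path(reported) else "valid")
    print(benign, "->", "invalid" if not is_valid_request_path(benign) else "valid")
```

The check is deliberately conservative: it flags the segment shape, not whether the traversal would actually resolve, so it is suitable as a request filter or as a detection rule over access logs.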



--
This message was sent by Atlassian Jira
(v8.20.10#820010)