You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@sling.apache.org by "Ashok Kumar (JIRA)" <ji...@apache.org> on 2019/05/03 04:29:00 UTC
[jira] [Commented] (SLING-8388) XSS possible in system console -
servletresolver
[ https://issues.apache.org/jira/browse/SLING-8388?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16832239#comment-16832239 ]
Ashok Kumar commented on SLING-8388:
------------------------------------
PR created with the fix - [https://github.com/apache/sling-org-apache-sling-servlets-resolver/pull/4]
CC - [~kpauls], [~radu.cotescu]
> XSS possible in system console - servletresolver
> ------------------------------------------------
>
> Key: SLING-8388
> URL: https://issues.apache.org/jira/browse/SLING-8388
> Project: Sling
> Issue Type: Bug
> Components: ResourceResolver
> Affects Versions: Servlets Resolver 2.5.2
> Reporter: Ashok Kumar
> Priority: Major
> Fix For: Servlets Resolver 2.5.4
>
> Time Spent: 10m
> Remaining Estimate: 0h
>
> *Issue Summary :* There is a XSS possible in system console.
> *Steps to reproduce :*
> *Scenario 1 :*
> # Open a local instance
> # Open the link [http://localhost:4502/system/console/services?filter=%22onmouseover=%22alert(%27xss%27)%22] in Internet Explorer.
> # Chrome would auto flag XSS exploit and prevent page load
> *Scenario 2 :*
> # Open a local instance
> # Open the link [http://localhost:4502/system/console/servletresolver?url=%2Fcontent%2Fdam%3Cscript%3Ealert%28%27123%27%29%3C%2Fscript%3E&method=GET] in Internet Explorer.
> # Chrome would auto flag XSS exploit and prevent page load
> *Expected Behavior :* The pop up should not come up.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)