You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@drill.apache.org by "salim achouche (JIRA)" <ji...@apache.org> on 2019/05/29 23:12:00 UTC

[jira] [Resolved] (DRILL-7276) xss(bug) in apache drill Web UI latest verion 1.16.0 when authenticated

     [ https://issues.apache.org/jira/browse/DRILL-7276?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

salim achouche resolved DRILL-7276.
-----------------------------------
    Resolution: Fixed

> xss(bug) in apache drill Web UI latest verion 1.16.0 when authenticated 
> ------------------------------------------------------------------------
>
>                 Key: DRILL-7276
>                 URL: https://issues.apache.org/jira/browse/DRILL-7276
>             Project: Apache Drill
>          Issue Type: Bug
>          Components: Web Server
>    Affects Versions: 1.16.0
>            Reporter: shuiboye
>            Assignee: Anton Gozhiy
>            Priority: Major
>              Labels: ready-to-commit
>             Fix For: 1.17.0
>
>         Attachments: 1.png, 2.png, 4.png
>
>
> In the query page,I select the "SQL" of the "Query Type"  and in the "Query" field I input "*select '<svg/onload=alert(/xss/)>'  FROM cp.`employee.json`*".
> !1.png!
> After submitting,I get the Query Profile whose url is "*[http://127.0.0.1:8047/profiles/231beb11-4b43-0762-8b90-76a9af2edd24]*".
> !2.png!
> Any user who visits the profile page and clicks "JSON profile" at the bottom to see the FULL JSON Profile will see two alert boxes as shown below.
>   !4.png!
>  



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)