Posted to dev@activemq.apache.org by "Dejan Bosanac (JIRA)" <ji...@apache.org> on 2010/02/23 16:42:40 UTC

[jira] Resolved: (AMQ-2613) Persistent Cross-site Scripting in /createDesitnation.action [JMSDestination parameter]

     [ https://issues.apache.org/activemq/browse/AMQ-2613?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Dejan Bosanac resolved AMQ-2613.
--------------------------------

       Resolution: Fixed
    Fix Version/s: 5.4.0
                   5.3.1

Fixed with svn revision 915384 and merged into 5.3 branch.

The web console should now be immune to XSS and CSRF attacks. The first are fixed by sanitizing the output. The CSRF attacks are prevented by sending a secret to the form and checking it before modifying results. Also, the POST method is forced where it is applicable.


> Persistent Cross-site Scripting in /createDesitnation.action [JMSDestination parameter]
> ---------------------------------------------------------------------------------------
>
>                 Key: AMQ-2613
>                 URL: https://issues.apache.org/activemq/browse/AMQ-2613
>             Project: ActiveMQ
>          Issue Type: Bug
>    Affects Versions: 5.3.0
>         Environment: Linux environment.
>            Reporter: Rajat Swarup
>            Assignee: Dejan Bosanac
>            Priority: Critical
>             Fix For: 5.3.1, 5.4.0
>
>
> GET /createDestination.action?JMSDestinationType=queue&JMSDestination=%22%3E%3Cscript%3Ealert%28%22persistent%20XSS%22%29%3C%2fscript%3E
> This GET request creates a queue with a malformed name due to lack of input validation.  After sending this request, a sample of the effect can be seen by browsing to /queues.jsp and clicking on the "Home" link.
> I do not know the affected version information yet.  Is there some way I can find it?    
> Additionally, this is vulnerable to cross-site request forgery as well but XSS is a more critical bug than XSRF (at least at this point for me I guess).
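The two mitigations named in the resolution, output sanitisation and a per-session form secret checked before any state change, modelled in Python as an added example (this is not ActiveMQ's own code). The decoded parameter is the one from the report; the session class, the form field name `secret` and the link target `browse.jsp` are assumptions.

```python
# Added example, not ActiveMQ's own code: models the two fixes the resolution
# describes, output sanitisation and a per-session form secret checked before
# any state-changing (POST-only) action.
import hmac
import html
import secrets
from urllib.parse import parse_qs, quote, urlsplit

# Constructed sample: the request from the report, as the console would receive it.
REPORTED_REQUEST = (
    "/createDestination.action?JMSDestinationType=queue"
    "&JMSDestination=%22%3E%3Cscript%3Ealert%28%22persistent%20XSS%22%29%3C%2fscript%3E"
)


def destination_name(url: str) -> str:
    """Decode the JMSDestination parameter; this is the value that gets persisted."""
    return parse_qs(urlsplit(url).query).get("JMSDestination", [""])[0]


def render_queue_row_unsafe(name: str) -> str:
    """The pre-fix pattern: the stored name is interpolated into queues.jsp verbatim."""
    return f'<td><a href="browse.jsp?JMSDestination={name}">{name}</a></td>'


def render_queue_row(name: str) -> str:
    """Fixed rendering: encode for each output context the name lands in."""
    # Attribute holding a URL: percent-encode for the query string, then HTML-escape.
    href = "browse.jsp?JMSDestination=" + quote(name, safe="")
    # Element text: HTML-escape only.
    return f'<td><a href="{html.escape(href)}">{html.escape(name)}</a></td>'


class ConsoleSession:
    """Holds the secret the fix embeds in forms (field name 'secret' is assumed)."""

    def __init__(self) -> None:
        self.secret = secrets.token_hex(16)


def state_change_allowed(session: ConsoleSession, method: str, form: dict) -> bool:
    """Only a POST carrying the session's secret may create or delete a destination."""
    if method != "POST":                      # the forced-POST part of the fix
        return False
    supplied = form.get("secret", "")
    return hmac.compare_digest(supplied, session.secret)   # constant-time compare
```

Note that the attribute and the element text need different encodings: a name that is harmless as text can still break out of an `href` if it is not percent-encoded first.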
