You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@lucene.apache.org by "Upayavira (JIRA)" <ji...@apache.org> on 2015/08/16 21:42:45 UTC
[jira] [Resolved] (SOLR-7920) Thers is a xss issue in
schema-browser page of Admin Web UI.
[ https://issues.apache.org/jira/browse/SOLR-7920?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Upayavira resolved SOLR-7920.
-----------------------------
Resolution: Fixed
Thanks for the report!
> Thers is a xss issue in schema-browser page of Admin Web UI.
> ------------------------------------------------------------
>
> Key: SOLR-7920
> URL: https://issues.apache.org/jira/browse/SOLR-7920
> Project: Solr
> Issue Type: Bug
> Components: web gui
> Affects Versions: 4.9, 4.10.4, 5.2.1
> Reporter: davidchiu
> Assignee: Upayavira
>
> Open Solr Admin Web UI, select a core(such as collection1) and then click "schema-browse",and input a url like "http://127.0.0.1:8983/solr/#/collection1/schema-browser?field=cat=<img src=1 onerror=alert(1);>" to the browser address, you will get alert box with "1".
> I changed follow code to void this problem:
> Original code:
> $( 'option[value="' + params.route_params.path + '"]', related_select_element )
> .attr( 'selected', 'selected' );
> Changed code:
> $( 'option[value="' + params.route_params.path.esc() + '"]', related_select_element )
> .attr( 'selected', 'selected' );
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@lucene.apache.org
For additional commands, e-mail: dev-help@lucene.apache.org