You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@sling.apache.org by bond- <gi...@git.apache.org> on 2014/03/08 13:32:27 UTC
[GitHub] sling pull request: SLING-3443: Parameter based redirection vulner...
GitHub user bond- opened a pull request:
https://github.com/apache/sling/pull/12
SLING-3443: Parameter based redirection vulnerability in FormAuthenticationHandler
*FormAuthenticationHandler* didn't url encode the parameter(*Authenticator.LOGIN_RESOURCE*) before redirection. This leads the attacker to use this parameter to redirect to a different domain. This may also help in phishing attacks.
This was initially spotted in one of our applications which use org.apache.sling:org.apache.sling.auth.form:1.0.2
This pull request fixes the vulnerability.
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/bond-/sling sling-3443
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/sling/pull/12.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #12
----
commit d1531735762e7423404f1e304dfc4c483f9556de
Author: Raviteja Lokineni <ra...@gmail.com>
Date: 2014-03-08T12:24:52Z
SLING-3443: Parameter based redirection vulnerability in FormAuthenticationHandler
----
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
Re: [GitHub] sling pull request: SLING-3443: Parameter based
redirection vulner...
Posted by Ravi Teja Lokineni <ra...@gmail.com>.
Hi,
Please review this pull request.
On Sat, Mar 8, 2014 at 6:02 PM, bond- <gi...@git.apache.org> wrote:
> GitHub user bond- opened a pull request:
>
> https://github.com/apache/sling/pull/12
>
> SLING-3443: Parameter based redirection vulnerability in
> FormAuthenticationHandler
>
> *FormAuthenticationHandler* didn't url encode the
> parameter(*Authenticator.LOGIN_RESOURCE*) before redirection. This leads
> the attacker to use this parameter to redirect to a different domain. This
> may also help in phishing attacks.
>
> This was initially spotted in one of our applications which use
> org.apache.sling:org.apache.sling.auth.form:1.0.2
>
> This pull request fixes the vulnerability.
>
> You can merge this pull request into a Git repository by running:
>
> $ git pull https://github.com/bond-/sling sling-3443
>
> Alternatively you can review and apply these changes as the patch at:
>
> https://github.com/apache/sling/pull/12.patch
>
> To close this pull request, make a commit to your master/trunk branch
> with (at least) the following in the commit message:
>
> This closes #12
>
> ----
> commit d1531735762e7423404f1e304dfc4c483f9556de
> Author: Raviteja Lokineni <ra...@gmail.com>
> Date: 2014-03-08T12:24:52Z
>
> SLING-3443: Parameter based redirection vulnerability in
> FormAuthenticationHandler
>
> ----
>
>
> ---
> If your project is set up for it, you can reply to this email and have your
> reply appear on GitHub as well. If your project does not have this feature
> enabled and wishes so, or if the feature is enabled but not working, please
> contact infrastructure at infrastructure@apache.org or file a JIRA ticket
> with INFRA.
> ---
>
--
*Ravi Teja Lokineni* | Software Engineer
Oracle India Pvt. Ltd.
E: raviteja.lokineni@gmail.com
<https://www.linkedin.com/in/ravitejalokineni>
[GitHub] sling pull request: SLING-3443: Parameter based redirection vulner...
Posted by bond- <gi...@git.apache.org>.
Github user bond- closed the pull request at:
https://github.com/apache/sling/pull/12
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---