Sagar Miglani created SLING-11438:
-------------------------------------
Summary: Resource path consisting of %7D with multiple dots leads
to path traversal
Key: SLING-11438
URL: https://issues.apache.org/jira/browse/SLING-11438
Project: Sling
Issue Type: Bug
Components: Engine
Affects Versions: Engine 2.9.0
Reporter: Sagar Miglani
With the changes of SLING-10225, sling-engine started considering requests
whose resource path contains %5B ([) and multiple dots as "Invalid", as it
could lead to path traversal and exposure of repository content.
But the same could happen with %7D (}) and multiple dots in the request resource
path.
e.g.:
http://<HOST>:<PORT>/content/we-retail/us/en/experience.html/.%7D./.%7D./.1.json
would lead to exposure of repository content stored at /content/we-retail/us
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
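The pattern in the report is a request path whose extra segments decode to nothing but dots and punctuation (".}." for %7D, ".[." for the earlier %5B case). The following is an added example, not Sling's own validation code: it percent-decodes a request path and flags any segment that contains ".." or consists of two or more dots with only punctuation around them. The sample paths are constructed for the demonstration (the first one is the report's own URL path); the decoding bound and the segment rule are this example's assumptions, not the check Sling actually implements.

```python
"""Screen request paths for dotted-brace segments like '.}.' or '.[.'.

Added example, not Sling's own code. It percent-decodes the path and flags
path segments that carry no real name: '..' or runs of dots with only
punctuation between them.
"""
from urllib.parse import unquote

# Constructed sample request paths. The first is the report's own example,
# the second the %5B variant from SLING-10225, the third classic traversal,
# the last two are benign Sling-style paths.
SAMPLE_PATHS = [
    "/content/we-retail/us/en/experience.html/.%7D./.%7D./.1.json",
    "/content/we-retail/us/en/experience.html/.%5B./.%5B./.1.json",
    "/content/we-retail/us/en/experience.html/..%2F..%2Fetc",
    "/content/we-retail/us/en/experience.html",
    "/content/we-retail/us/en/experience.1.json",
]

# Assumption: bound repeated decoding so double-encoded input is caught
# without looping forever on pathological strings.
MAX_DECODE_ROUNDS = 3


def decode_path(raw: str) -> str:
    """Percent-decode until the string stops changing, at most a few rounds."""
    current = raw
    for _ in range(MAX_DECODE_ROUNDS):
        decoded = unquote(current)
        if decoded == current:
            break
        current = decoded
    return current


def is_suspicious_segment(segment: str) -> bool:
    """True for segments such as '..', '.}.', '.[.' that name no resource."""
    if ".." in segment:
        return True
    # two or more dots and nothing alphanumeric anywhere in the segment
    return segment.count(".") >= 2 and not any(c.isalnum() for c in segment)


def suspicious_segments(raw: str) -> list:
    """Return the decoded path segments that trip the rule, in order."""
    decoded = decode_path(raw)
    return [seg for seg in decoded.split("/") if seg and is_suspicious_segment(seg)]


def is_path_suspicious(raw: str) -> bool:
    """Reject-or-accept decision for one raw request path."""
    return bool(suspicious_segments(raw))


if __name__ == "__main__":
    for path in SAMPLE_PATHS:
        verdict = "REJECT" if is_path_suspicious(path) else "accept"
        print(verdict, path, suspicious_segments(path))
```

Run as a script it prints a verdict per sample path; the two dotted-brace paths and the ../ path are rejected, the two ordinary resource paths pass. The rule is deliberately narrow (it never flags a segment that contains a letter or digit) so that ordinary selectors and extensions such as "experience.1.json" are untouched.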