[jira] [Closed] (SLING-8388) XSS possible in system console - servletresolver

Karl Pauls (JIRA) Wed, 15 May 2019 13:38:26 -0700


     [ 
https://issues.apache.org/jira/browse/SLING-8388?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Karl Pauls closed SLING-8388.
-----------------------------

> XSS possible in system console - servletresolver
> ------------------------------------------------
>
>                 Key: SLING-8388
>                 URL: https://issues.apache.org/jira/browse/SLING-8388
>             Project: Sling
>          Issue Type: Bug
>          Components: ResourceResolver
>    Affects Versions: Servlets Resolver 2.5.2
>            Reporter: Ashok Kumar
>            Assignee: Karl Pauls
>            Priority: Major
>             Fix For: Servlets Resolver 2.5.4
>
>          Time Spent: 20m
>  Remaining Estimate: 0h
>
> *Issue Summary :* There is a XSS possible in system console.
> *Steps to reproduce :*
> *Scenario 1 :*
>  # Open a local instance
>  # Open the link 
> [http://localhost:4502/system/console/services?filter=%22onmouseover=%22alert(%27xss%27)%22]
>  in Internet Explorer.
>  # Chrome would auto flag XSS exploit and prevent page load
> *Scenario 2 :*
>  # Open a local instance
>  # Open the link 
> [http://localhost:4502/system/console/servletresolver?url=%2Fcontent%2Fdam%3Cscript%3Ealert%28%27123%27%29%3C%2Fscript%3E&method=GET]
>   in Internet Explorer.
>  # Chrome would auto flag XSS exploit and prevent page load
> *Expected Behavior :* The pop up should not come up.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Closed] (SLING-8388) XSS possible in system console - servletresolver

Reply via email to