Akhil S Naik created ZEPPELIN-4335:
--------------------------------------
Summary: Deleting a Notebook is vulnerable to XSS attack
Key: ZEPPELIN-4335
URL: https://issues.apache.org/jira/browse/ZEPPELIN-4335
Project: Zeppelin
Issue Type: Bug
Components: zeppelin-web
Affects Versions: 0.8.1, 0.8.0
Reporter: Akhil S Naik
Assignee: Akhil S Naik
Attachments: XSS attack.mov
Problem Statement: Deleting a Notebook is vulnerable to XSS attack
Steps to reproduce:
1) create a notebook
2) set the notebook permission to: <script>alert('hi')</script> (press
space after writing this, not the enter key)
3) after this, try to delete the notebook; the BootstrapDialog that pops up
stating insufficient privileges is vulnerable to XSS attack
Analysis:
https://github.com/apache/zeppelin/blob/dda5a145249538eb5a49e452e34f9c5779e0ad87/zeppelin-web/src/components/websocket/websocket-event.factory.js#L110
In this part of the code we should sanitize the input given to BootstrapDialog with
_.escape before it is rendered as HTML.
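An added illustration of the proposed fix (example code, not Zeppelin's own): the untrusted permission text that ends up in the dialog is HTML-escaped before it is concatenated into markup. The escapeHtml helper mirrors the character set lodash's _.escape handles; the dialog message layout and the "owners" field are assumptions for the example.

```javascript
// Added example, not Zeppelin's code. Replacement table matching what
// lodash's _.escape rewrites: & < > " '
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Escape a value so it is rendered as text, not parsed as markup.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Vulnerable pattern: the permission string (user-controlled when the
// notebook permissions were set) is pasted straight into dialog HTML,
// so a <script> tag in it becomes live DOM when the dialog is shown.
function buildDialogMessageUnsafe(info) {
  return '<div>Insufficient privileges to delete notebook. Owners: ' + info.owners + '</div>';
}

// Fixed pattern: every untrusted field is escaped before entering the HTML.
function buildDialogMessageSafe(info) {
  return '<div>Insufficient privileges to delete notebook. Owners: ' + escapeHtml(info.owners) + '</div>';
}

// Crude check used only to compare the two outputs: does the *payload*
// portion still contain an unescaped tag? (The wrapping <div> is ours.)
function payloadHasRawTag(html) {
  const inner = html.replace(/^<div>/, '').replace(/<\/div>$/, '');
  return /<\s*\/?\s*[a-zA-Z]/.test(inner);
}

// Constructed sample modelled on the reproduction steps in the report.
const sample = { owners: "<script>alert('hi')</script>" };

console.log(buildDialogMessageUnsafe(sample)); // tag survives intact
console.log(buildDialogMessageSafe(sample));   // tag is inert text
```

The same escaping applies to any other server-supplied string the dialog renders, not only the permission list.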
--
This message was sent by Atlassian Jira
(v8.3.4#803005)