[ https://issues.apache.org/jira/browse/SENTRY-1665?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Brian Towles reassigned SENTRY-1665:
------------------------------------

    Assignee: Brian Towles

> cross-site scripting vulnerability in ConfServlet
> -------------------------------------------------
>
>                 Key: SENTRY-1665
>                 URL: https://issues.apache.org/jira/browse/SENTRY-1665
>             Project: Sentry
>          Issue Type: Bug
>          Components: Sentry
>    Affects Versions: 1.8.0
>            Reporter: Alexander Kolbasov
>            Assignee: Brian Towles
>              Labels: bite-sized, newbie, security
>
> The ConfServlet class has the following code:
> {code}
> String format = request.getParameter(FORMAT_PARAM);
> ...
> } else {
>     response.sendError(HttpServletResponse.SC_BAD_REQUEST, "Bad format: " + format);
> }
> {code}
> As a result, the HTTP parameter is directly written to the Servlet error page. Echoing this untrusted input allows for a reflected cross site scripting vulnerability. See http://en.wikipedia.org/wiki/Cross-site_scripting for more information.

--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
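The pattern the report describes, a request parameter concatenated into the message passed to `sendError`, next to one way of fixing it. This is an added illustration, not the Sentry project's ConfServlet code: the servlet class, the parameter name `format`, the accepted values `json` and `xml`, and the `escapeHtml` helper are all assumptions made for the example. The hardened branch validates `format` against a fixed allow-list and returns a constant error message, so the client-controlled value never reaches the error page; the escaping helper is shown for the case where a developer still wants to echo a value back, since whether a container HTML-encodes the `sendError` message is implementation-specific and should not be relied on.

```java
import java.io.IOException;
import java.io.PrintWriter;
import java.util.Set;
import java.util.logging.Logger;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

// Hypothetical servlet for illustration; not the Sentry ConfServlet.
public class ConfServletExample extends HttpServlet {

    private static final Logger LOG = Logger.getLogger(ConfServletExample.class.getName());

    // Assumed parameter name and accepted values.
    private static final String FORMAT_PARAM = "format";
    private static final Set<String> ALLOWED_FORMATS = Set.of("json", "xml");

    // Vulnerable shape from the report: the raw parameter is reflected into the
    // error response, so a crafted value can land unescaped in an HTML error page.
    static void vulnerableBadFormat(HttpServletResponse response, String format)
            throws IOException {
        response.sendError(HttpServletResponse.SC_BAD_REQUEST, "Bad format: " + format);
    }

    // Fixed shape: never echo the untrusted value. Log it server-side for
    // troubleshooting and send a constant message to the client.
    static void safeBadFormat(HttpServletResponse response, String format)
            throws IOException {
        LOG.warning("Rejected conf request with unsupported format parameter");
        response.sendError(HttpServletResponse.SC_BAD_REQUEST,
                "Bad format; expected one of " + ALLOWED_FORMATS);
    }

    // Minimal HTML escaping for the rare case where a value must be echoed.
    // Only the characters that can break out of text or attribute context.
    static String escapeHtml(String s) {
        if (s == null) {
            return "";
        }
        StringBuilder sb = new StringBuilder(s.length());
        for (int i = 0; i < s.length(); i++) {
            char c = s.charAt(i);
            switch (c) {
                case '&':  sb.append("&amp;");  break;
                case '<':  sb.append("&lt;");   break;
                case '>':  sb.append("&gt;");   break;
                case '"':  sb.append("&quot;"); break;
                case '\'': sb.append("&#39;");  break;
                default:   sb.append(c);
            }
        }
        return sb.toString();
    }

    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        String format = request.getParameter(FORMAT_PARAM);
        if (format == null) {
            format = "json"; // assumed default
        }

        // Allow-list check: anything not explicitly known is rejected without being echoed.
        if (!ALLOWED_FORMATS.contains(format)) {
            safeBadFormat(response, format);
            return;
        }

        response.setCharacterEncoding("UTF-8");
        try (PrintWriter out = response.getWriter()) {
            if ("json".equals(format)) {
                response.setContentType("application/json");
                out.print("{\"format\":\"json\"}"); // placeholder body
            } else {
                response.setContentType("application/xml");
                out.print("<configuration/>"); // placeholder body
            }
        }
    }
}
```

The allow-list check is the primary control: because `format` is compared against a closed set before any response is written, the unsupported value is never part of the output, and the error message no longer depends on the container's escaping behaviour. `escapeHtml` is the fallback for output that genuinely has to include user-supplied text, and would be applied at the point of rendering into HTML, not at input time.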