[jira] [Commented] (OFBIZ-12584) Stored XSS in webappPath parameter from content/control/EditWebSite

Sun, 27 Feb 2022 04:41:07 -0800 


    [ 
https://issues.apache.org/jira/browse/OFBIZ-12584?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17498583#comment-17498583
 ] 

ASF subversion and git services commented on OFBIZ-12584:
---------------------------------------------------------

Commit 247b8713ba2e37b8dd6a8afb60425005e32e0bef in ofbiz-framework's branch 
refs/heads/release18.12 from Jacques Le Roux
[ https://gitbox.apache.org/repos/asf?p=ofbiz-framework.git;h=247b871 ]

Fixed: Stored XSS in webappPath parameter from content/control/EditWebSite 
(OFBIZ-12584)

A user with rights to modify and/or create websites may insert malicious HTML
elements in the “webappPath” parameter from content/control/EditWebSite
resulting in XSS.

In order to trigger the XSS a victim needs to navigate to main page of the
modified website (eg webpos or ecommerce) and interact with the malicious
HTML elements (eg trigger the “onmouseover” event by navigating with the mouse
over the “form” and/or “a” tags).

Thanks to Matei "Mal" Badanoiu for reporting this post-auth vulnerabily

Conflicts handled by hand in EntityAutoEngine.java


> Stored XSS in webappPath parameter from content/control/EditWebSite
> -------------------------------------------------------------------
>
>                 Key: OFBIZ-12584
>                 URL: https://issues.apache.org/jira/browse/OFBIZ-12584
>             Project: OFBiz
>          Issue Type: Bug
>          Components: content, framework/entity
>    Affects Versions: 18.12.05
>            Reporter: Jacques Le Roux
>            Assignee: Jacques Le Roux
>            Priority: Major
>
> A user with rights to modify and/or create websites may insert malicious HTML 
> elements in
> the “webappPath” parameter from content/control/EditWebSite resulting in XSS.
> In order to trigger the XSS a victim needs to navigate to main page of the 
> modified website (eg webpos or ecommerce) and interact with the malicious 
> HTML elements (eg trigger the “onmouseover” event by navigating with the 
> mouse over the “form” and/or “a” tags).
> Thanks to Matei "Mal" Badanoiu for reporting this post-auth vulnerabily



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

Reply via email to