[jira] [Commented] (SOLR-7949) There is an XSS issue in the plugins/stats page of the Admin Web UI.

2015-11-24 Thread Miriam Celi (JIRA)

[ https://issues.apache.org/jira/browse/SOLR-7949?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15025642#comment-15025642 ]

Miriam Celi commented on SOLR-7949:
---

I wasn't sure if 5.3.0 was one of the affected versions, since the Details 
included at the top of the record only lists 4.9, 4.10.4, 5.2.1 as affected 
versions. Perhaps Affected Versions should be set to "All versions prior to 
5.3.1" in order to avoid confusion???


> There is an XSS issue in the plugins/stats page of the Admin Web UI.
> ---
>
> Key: SOLR-7949
> URL: https://issues.apache.org/jira/browse/SOLR-7949
> Project: Solr
>  Issue Type: Bug
>  Components: web gui
>Affects Versions: 4.9, 4.10.4, 5.2.1
>Reporter: davidchiu
>Assignee: Jan Høydahl
> Fix For: 5.4, 5.3.1, Trunk
>
>
> Open the Solr Admin Web UI, select a core (such as collection1) and then click
> "Plugins/stats", and type a URL like
> "http://127.0.0.1:8983/solr/#/collection1/plugins/cache?entry=score=<img src=1 onerror=alert(1);>"
> into the browser address bar; you will get an alert box with "1".
> I changed the following code to resolve this problem:
> The original code:
>   for( var i = 0; i < entry_count; i++ )
>   {
>     $( 'a[data-bean="' + entries[i] + '"]', frame_element )
>       .parent().addClass( 'expanded' );
>   }
> The changed code:
>   for( var i = 0; i < entry_count; i++ )
>   {
>     $( 'a[data-bean="' + entries[i].esc() + '"]', frame_element )
>       .parent().addClass( 'expanded' );
>   }



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

-
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org
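The selector construction quoted in the issue, worked through as an added example (this is not Solr's own code, nor the reporter's patch). It shows why concatenating an untrusted `entry` value into a jQuery selector was an XSS sink and why escaping closes it. Three things are assumptions here: `esc` is a stand-in for the Admin UI's `String.prototype.esc` helper (the real helper's exact implementation is not on this page), `jqueryWouldParseAsHtml` is a simplified approximation of how jQuery versions before 1.9 decided whether a string is HTML or a selector, and the `entry` parameter is read as a comma-separated list the way the `entries[i]` loop suggests.

```javascript
// Added example, not Solr code. Demonstrates the unescaped-selector sink
// from SOLR-7949 and the effect of escaping the value before concatenation.

// Stand-in for the Admin UI's String.prototype.esc helper (assumption: the
// real helper's exact implementation is not shown on the page). It
// entity-encodes the characters that let a string be read as HTML or
// break out of a double-quoted attribute selector.
function esc(s) {
  return String(s)
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;');
}

// Approximation (assumption, simplified) of the jQuery < 1.9 heuristic:
// a string containing a <tag ...> anywhere was treated as HTML and turned
// into DOM nodes instead of being used as a CSS selector. Creating nodes
// from attacker-controlled markup is what fires an onerror handler.
const HTML_ANYWHERE = /<[\w\W]+>/;
function jqueryWouldParseAsHtml(arg) {
  return HTML_ANYWHERE.test(arg);
}

// Pull the entry list out of a hash such as
// "#/collection1/plugins/cache?entry=score,queryResultCache".
// (Assumption: entry is a comma-separated list.)
function entriesFromHash(hash) {
  const q = hash.indexOf('?');
  if (q === -1) return [];
  const entry = new URLSearchParams(hash.slice(q + 1)).get('entry');
  return entry ? entry.split(',') : [];
}

// The original (vulnerable) construction from the report: raw concatenation.
function selectorUnsafe(entry) {
  return 'a[data-bean="' + entry + '"]';
}

// The fixed construction from the report: escape, then concatenate.
function selectorFixed(entry) {
  return 'a[data-bean="' + esc(entry) + '"]';
}

// For each entry in the hash, report whether the unescaped and the escaped
// selector strings would have been handed to the HTML parser.
function audit(hash) {
  return entriesFromHash(hash).map((entry) => ({
    entry,
    unsafe: selectorUnsafe(entry),
    fixed: selectorFixed(entry),
    unsafeParsedAsHtml: jqueryWouldParseAsHtml(selectorUnsafe(entry)),
    fixedParsedAsHtml: jqueryWouldParseAsHtml(selectorFixed(entry)),
  }));
}

// Constructed sample inputs: a normal cache entry name, and the shape of
// the value from the report (a browser would percent-encode the spaces in
// location.hash; URLSearchParams decodes either form the same way).
const BENIGN_HASH = '#/collection1/plugins/cache?entry=score';
const HOSTILE_HASH =
  '#/collection1/plugins/cache?entry=score,<img src=1 onerror=alert(1);>';

console.log(JSON.stringify(audit(HOSTILE_HASH), null, 2));
```

Running it prints two entries for the hostile hash: `score` is harmless either way, while the second entry's unescaped selector is flagged as HTML and its escaped selector is not. Entity-encoding solved the problem for the jQuery version the old UI shipped with; jQuery 1.9 and later only treat strings that start with `<` as HTML, but the attribute value is still being spliced into a selector, so the durable fix is to escape it with the browser's `CSS.escape()` or jQuery's `$.escapeSelector()` (jQuery 3.0 and later) rather than rely on the parser heuristic.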



[jira] [Commented] (SOLR-7949) There is an XSS issue in the plugins/stats page of the Admin Web UI.

2015-11-24 Thread Upayavira (JIRA)

[ https://issues.apache.org/jira/browse/SOLR-7949?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15025439#comment-15025439 ]

Upayavira commented on SOLR-7949:
-

[~mceli] from the fix version, it looks like it was resolved in 5.3.1, so yes, 
it is in 5.3.0.




[jira] [Commented] (SOLR-7949) There is an XSS issue in the plugins/stats page of the Admin Web UI.

2015-11-24 Thread Miriam Celi (JIRA)

[ https://issues.apache.org/jira/browse/SOLR-7949?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15024787#comment-15024787 ]

Miriam Celi commented on SOLR-7949:
---

Does this issue also affect version 5.3.0?




[jira] [Commented] (SOLR-7949) There is an XSS issue in the plugins/stats page of the Admin Web UI.

2015-08-24 Thread ASF subversion and git services (JIRA)

[ https://issues.apache.org/jira/browse/SOLR-7949?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14709018#comment-14709018 ]

ASF subversion and git services commented on SOLR-7949:
---

Commit 1697341 from jan...@apache.org in branch 'dev/branches/lucene_solr_5_3'
[ https://svn.apache.org/r1697341 ]

SOLR-7949: Resolve XSS issue in Admin UI stats page (backport)




[jira] [Commented] (SOLR-7949) There is an XSS issue in the plugins/stats page of the Admin Web UI.

2015-08-24 Thread Upayavira (JIRA)

[ https://issues.apache.org/jira/browse/SOLR-7949?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14708985#comment-14708985 ]

Upayavira commented on SOLR-7949:
-

Thanks! And, please note that there is a new instance of the UI, backed by 
AngularJS that will at some point take over from the one you have been 
reviewing. I would *love* to have your eye cast over that one too. It *should* 
be feature-to-feature compatible with the old one. In Solr 5.3 it is at 
http://localhost:8983/solr/index.html#





[jira] [Commented] (SOLR-7949) There is an XSS issue in the plugins/stats page of the Admin Web UI.

2015-08-23 Thread davidchiu (JIRA)

[ https://issues.apache.org/jira/browse/SOLR-7949?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14708704#comment-14708704 ]

davidchiu commented on SOLR-7949:
-

OK, I will try to upload patch files when I find bugs.




[jira] [Commented] (SOLR-7949) There is an XSS issue in the plugins/stats page of the Admin Web UI.

2015-08-21 Thread JIRA

[ https://issues.apache.org/jira/browse/SOLR-7949?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14706572#comment-14706572 ]

Jan Høydahl commented on SOLR-7949:
---

[~davidchiu] thanks for your bug reports. I don't know if you do all your 
research in FireBug or if you download the full Solr source code and build 
yourself. If you do the latter, please consider uploading your findings as a 
patch file. See more in https://wiki.apache.org/solr/HowToContribute




[jira] [Commented] (SOLR-7949) There is an XSS issue in the plugins/stats page of the Admin Web UI.

2015-08-21 Thread ASF subversion and git services (JIRA)

[ https://issues.apache.org/jira/browse/SOLR-7949?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14706396#comment-14706396 ]

ASF subversion and git services commented on SOLR-7949:
---

Commit 1696903 from jan...@apache.org in branch 'dev/branches/branch_5x'
[ https://svn.apache.org/r1696903 ]

SOLR-7949: Resolve XSS issue in Admin UI stats page (backport)




[jira] [Commented] (SOLR-7949) There is an XSS issue in the plugins/stats page of the Admin Web UI.

2015-08-20 Thread ASF subversion and git services (JIRA)

[ https://issues.apache.org/jira/browse/SOLR-7949?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14704819#comment-14704819 ]

ASF subversion and git services commented on SOLR-7949:
---

Commit 1696782 from jan...@apache.org in branch 'dev/trunk'
[ https://svn.apache.org/r1696782 ]

SOLR-7949: Resolve XSS issue in Admin UI stats page
