Julian Sedding created SLING-2974:
-------------------------------------
Summary: XSS vulnerability in AbstractAuthenticationFormServlet
Key: SLING-2974
URL: https://issues.apache.org/jira/browse/SLING-2974
Project: Sling
Issue Type: Bug
Components: Authentication
Affects Versions: Auth Core 1.1.2
Reporter: Julian Sedding
The AbstractAuthenticationFormServlet replaces placeholders in an HTML page
with user-provided input without taking care of proper escaping of the input.
Hence it is possible to construct an XSS-attack exploiting this servlet.
This is made worse by the fact that this servlet doesn't provide an obvious way
to disable it. Setting the sling.servlet.path="-" using content based
configuration did the trick in my case, however.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
