XSS vulnerability in calendar component (apply to 5.1.0.x)
----------------------------------------------------------

                 Key: TAP5-1262
                 URL: https://issues.apache.org/jira/browse/TAP5-1262
             Project: Tapestry 5
          Issue Type: Bug
          Components: tapestry-core
    Affects Versions: 5.1.0.5
            Reporter: Christophe Cordenier
            Assignee: Christophe Cordenier
             Fix For: 5.2.0


The calendar component provided in Tapestry 5.1.0.5 could be used to allow code 
injection by malicious web users into any page that uses datefield.

To reproduce the vulnerability, put JS code like <script>alert("T5 is great");
</script> in any datefield and click on the related calendar bitma

After a quick search in DateField.js, it seems like the field value is not 
escaped.

Escaping the field value with a change like var value = escape($F(this.field)); 
seems to solve this vulnerability.
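The following is an added illustration of the defect class described in this report and is not code from Tapestry's DateField.js. It assumes a date field whose raw value is (a) placed into a URL query string for a server round trip and (b) reflected back into page markup, for example in a parse-error message; the function names, the base URL and the sample value are constructed for the example. The report's escape() call is a URL-context encoder; the example shows both the URL-context fix (encodeURIComponent, the standard replacement for the legacy escape()) and the HTML-context fix, since which one is needed depends on where the value ends up.

```javascript
// Constructed sample input in the style the report describes.
const SAMPLE_VALUE = '<script>alert("T5 is great");</script>';

// HTML-escape a string so the browser renders it as text, never as markup.
function escapeHtml(s) {
  return String(s)
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#39;');
}

// Vulnerable pattern (hypothetical): raw field value concatenated into markup.
function renderErrorUnsafe(value) {
  return '<div class="error">Invalid date: ' + value + '</div>';
}

// Hardened pattern: value escaped for the HTML text context before insertion.
function renderErrorSafe(value) {
  return '<div class="error">Invalid date: ' + escapeHtml(value) + '</div>';
}

// Vulnerable pattern (hypothetical): raw field value concatenated into a URL.
function buildParseUrlUnsafe(baseUrl, value) {
  return baseUrl + '?input=' + value;
}

// Hardened pattern: percent-encode for the URL query-component context.
// This is the role the report's escape($F(this.field)) plays; the legacy
// escape() is deprecated and encodeURIComponent is its standard replacement.
function buildParseUrlSafe(baseUrl, value) {
  return baseUrl + '?input=' + encodeURIComponent(value);
}

// Detection helper for tests and log review: does a rendered string still
// carry a script tag or an on*= event handler that a browser would execute?
function containsActiveMarkup(html) {
  return /<script\b|<\/script|\bon\w+\s*=/i.test(html);
}

// Stand-alone demonstration when run directly with node.
console.log('unsafe html :', renderErrorUnsafe(SAMPLE_VALUE));
console.log('safe html   :', renderErrorSafe(SAMPLE_VALUE));
console.log('unsafe url  :', buildParseUrlUnsafe('/parse', SAMPLE_VALUE));
console.log('safe url    :', buildParseUrlSafe('/parse', SAMPLE_VALUE));
```

The practical check is the last helper: a regression test for the fix should feed the report's payload through the rendering path and assert that the result contains no active markup, rather than only eyeballing the alert box.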