[jira] [Created] (SLING-8388) XSS possible in system console - servletresolver

Ashok Kumar (JIRA) Thu, 02 May 2019 21:13:59 -0700

Ashok Kumar created SLING-8388:
----------------------------------

             Summary: XSS possible in system console - servletresolver
                 Key: SLING-8388
                 URL: https://issues.apache.org/jira/browse/SLING-8388
             Project: Sling
          Issue Type: Bug
          Components: ResourceResolver
    Affects Versions: Servlets Resolver 2.5.2
            Reporter: Ashok Kumar
             Fix For: Servlets Resolver 2.5.4



*Issue Summary :* There is a XSS possible in system console.

*Steps to reproduce :*

*Scenario 1 :*
 # Open a local instance
 # Open the link 
[http://localhost:4502/system/console/services?filter=%22onmouseover=%22alert(%27xss%27)%22]
 in Internet Explorer.
 # Chrome would auto flag XSS exploit and prevent page load

*Scenario 2 :*
 # Open a local instance
 # Open the link 
[http://localhost:4502/system/console/servletresolver?url=%2Fcontent%2Fdam%3Cscript%3Ealert%28%27123%27%29%3C%2Fscript%3E&method=GET]
  in Internet Explorer.
 # Chrome would auto flag XSS exploit and prevent page load

*Expected Behavior :* The pop up should not come up.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Created] (SLING-8388) XSS possible in system console - servletresolver

Reply via email to