subject:"\[jira\] \[Commented\] \(OFBIZ\-12096\) Post\-auth XSS vulnerability at catalog\/control\/EditProductPromo"

[jira] [Commented] (OFBIZ-12096) Post-auth XSS vulnerability at catalog/control/EditProductPromo

2020-12-19 Thread ASF subversion and git services (Jira)



[ 
https://issues.apache.org/jira/browse/OFBIZ-12096?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17252258#comment-17252258
 ] 

ASF subversion and git services commented on OFBIZ-12096:
-

Commit c52f29e0ae7409884c620434def11f2c47bd380f in ofbiz-framework's branch 
refs/heads/trunk from Jacques Le Roux
[ https://gitbox.apache.org/repos/asf?p=ofbiz-framework.git;h=c52f29e ]

Fixed: Post-auth XSS vulnerability at catalog/control/EditProductPromo 
(OFBIZ-12096)

We missed to unescape EcmaScript encoded strings in
UtilCoded::checkStringForHtmlSafe, ie in all form fields using allow-html="safe"

Thanks: 牛治  for report


> Post-auth XSS vulnerability at catalog/control/EditProductPromo
> ---
>
> Key: OFBIZ-12096
> URL: https://issues.apache.org/jira/browse/OFBIZ-12096
> Project: OFBiz
>  Issue Type: Sub-task
>  Components: product/catalog
>Affects Versions: Trunk
>Reporter: Jacques Le Roux
>Assignee: Jacques Le Roux
>Priority: Major
> Fix For: 18.12.01, 17.12.05
>
>
> This vulnerability was reported by 牛治 :
> Locations:
> * catalog/control/EditProductPromo 
> * catalog/control/EditProductPromoCode 
> Description: the Promo Name and Promo Text input boxes on the 
> EditProductPromo page have not a valid verification and result in an XSS 
> attack. 
> Poc: Encode the characters of "alert('poruin')", and the poc 
> after encoding is as follows 
> "\x3C\x73\x63\x72\x69\x70\x74\x3E\x61\x6C\x65\x72\x74\x28\x27\x70\x6F\x72\x75\x69\x6E\x27\x29\x3C\x2F\x73\x63\x72\x69\x70\x74\x3E"
> As this vulnerability  is a post-auth we did not create a CVE



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (OFBIZ-12096) Post-auth XSS vulnerability at catalog/control/EditProductPromo

2020-12-19 Thread ASF subversion and git services (Jira)



[ 
https://issues.apache.org/jira/browse/OFBIZ-12096?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17252256#comment-17252256
 ] 

ASF subversion and git services commented on OFBIZ-12096:
-

Commit 540f5c80cd07c470712d8081a827e30a1c520554 in ofbiz-framework's branch 
refs/heads/release17.12 from Jacques Le Roux
[ https://gitbox.apache.org/repos/asf?p=ofbiz-framework.git;h=540f5c8 ]

Fixed: Post-auth XSS vulnerability at catalog/control/EditProductPromo 
(OFBIZ-12096)

Prevents issues with integration tests

Conflicts handled by hand:
framework/base/src/main/java/org/apache/ofbiz/base/util/UtilCodec.java


> Post-auth XSS vulnerability at catalog/control/EditProductPromo
> ---
>
> Key: OFBIZ-12096
> URL: https://issues.apache.org/jira/browse/OFBIZ-12096
> Project: OFBiz
>  Issue Type: Sub-task
>  Components: product/catalog
>Affects Versions: Trunk
>Reporter: Jacques Le Roux
>Assignee: Jacques Le Roux
>Priority: Major
> Fix For: 18.12.01, 17.12.05
>
>
> This vulnerability was reported by 牛治 :
> Locations:
> * catalog/control/EditProductPromo 
> * catalog/control/EditProductPromoCode 
> Description: the Promo Name and Promo Text input boxes on the 
> EditProductPromo page have not a valid verification and result in an XSS 
> attack. 
> Poc: Encode the characters of "alert('poruin')", and the poc 
> after encoding is as follows 
> "\x3C\x73\x63\x72\x69\x70\x74\x3E\x61\x6C\x65\x72\x74\x28\x27\x70\x6F\x72\x75\x69\x6E\x27\x29\x3C\x2F\x73\x63\x72\x69\x70\x74\x3E"
> As this vulnerability  is a post-auth we did not create a CVE



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (OFBIZ-12096) Post-auth XSS vulnerability at catalog/control/EditProductPromo

2020-12-19 Thread ASF subversion and git services (Jira)



[ 
https://issues.apache.org/jira/browse/OFBIZ-12096?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17252257#comment-17252257
 ] 

ASF subversion and git services commented on OFBIZ-12096:
-

Commit 42571fb635964540ff217f5ecd0753a1fefd3078 in ofbiz-framework's branch 
refs/heads/release18.12 from Jacques Le Roux
[ https://gitbox.apache.org/repos/asf?p=ofbiz-framework.git;h=42571fb ]

Fixed: Post-auth XSS vulnerability at catalog/control/EditProductPromo 
(OFBIZ-12096)

Prevents issues with integration tests

Conflicts handled by hand:
framework/base/src/main/java/org/apache/ofbiz/base/util/UtilCodec.java


> Post-auth XSS vulnerability at catalog/control/EditProductPromo
> ---
>
> Key: OFBIZ-12096
> URL: https://issues.apache.org/jira/browse/OFBIZ-12096
> Project: OFBiz
>  Issue Type: Sub-task
>  Components: product/catalog
>Affects Versions: Trunk
>Reporter: Jacques Le Roux
>Assignee: Jacques Le Roux
>Priority: Major
> Fix For: 18.12.01, 17.12.05
>
>
> This vulnerability was reported by 牛治 :
> Locations:
> * catalog/control/EditProductPromo 
> * catalog/control/EditProductPromoCode 
> Description: the Promo Name and Promo Text input boxes on the 
> EditProductPromo page have not a valid verification and result in an XSS 
> attack. 
> Poc: Encode the characters of "alert('poruin')", and the poc 
> after encoding is as follows 
> "\x3C\x73\x63\x72\x69\x70\x74\x3E\x61\x6C\x65\x72\x74\x28\x27\x70\x6F\x72\x75\x69\x6E\x27\x29\x3C\x2F\x73\x63\x72\x69\x70\x74\x3E"
> As this vulnerability  is a post-auth we did not create a CVE



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (OFBIZ-12096) Post-auth XSS vulnerability at catalog/control/EditProductPromo

2020-12-19 Thread ASF subversion and git services (Jira)



[ 
https://issues.apache.org/jira/browse/OFBIZ-12096?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17252241#comment-17252241
 ] 

ASF subversion and git services commented on OFBIZ-12096:
-

Commit c7fef0c409bca7c01d1f94e9431af52714398c58 in ofbiz-framework's branch 
refs/heads/trunk from Jacques Le Roux
[ https://gitbox.apache.org/repos/asf?p=ofbiz-framework.git;h=c7fef0c ]

Fixed: Post-auth XSS vulnerability at catalog/control/EditProductPromo 
(OFBIZ-12096)

We missed to unescape EcmaScript encoded strings in
UtilCoded::checkStringForHtmlSafe, ie in all form fields using allow-html="safe"

Thanks: 牛治  for report


> Post-auth XSS vulnerability at catalog/control/EditProductPromo
> ---
>
> Key: OFBIZ-12096
> URL: https://issues.apache.org/jira/browse/OFBIZ-12096
> Project: OFBiz
>  Issue Type: Sub-task
>  Components: product/catalog
>Affects Versions: Trunk
>Reporter: Jacques Le Roux
>Assignee: Jacques Le Roux
>Priority: Major
>
> This vulnerability was reported by 牛治 :
> Locations:
> * catalog/control/EditProductPromo 
> * catalog/control/EditProductPromoCode 
> Description: the Promo Name and Promo Text input boxes on the 
> EditProductPromo page have not a valid verification and result in an XSS 
> attack. 
> Poc: Encode the characters of "alert('poruin')", and the poc 
> after encoding is as follows 
> "\x3C\x73\x63\x72\x69\x70\x74\x3E\x61\x6C\x65\x72\x74\x28\x27\x70\x6F\x72\x75\x69\x6E\x27\x29\x3C\x2F\x73\x63\x72\x69\x70\x74\x3E"
> As this vulnerability  is a post-auth we did not create a CVE



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (OFBIZ-12096) Post-auth XSS vulnerability at catalog/control/EditProductPromo

2020-12-19 Thread ASF subversion and git services (Jira)



[ 
https://issues.apache.org/jira/browse/OFBIZ-12096?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17252239#comment-17252239
 ] 

ASF subversion and git services commented on OFBIZ-12096:
-

Commit 637e02978cb0e11df0d202a2272055e3bf68e542 in ofbiz-framework's branch 
refs/heads/release17.12 from Jacques Le Roux
[ https://gitbox.apache.org/repos/asf?p=ofbiz-framework.git;h=637e029 ]

Fixed: Post-auth XSS vulnerability at catalog/control/EditProductPromo 
(OFBIZ-12096)

We missed to unescape EcmaScript encoded strings in
UtilCoded::checkStringForHtmlSafe, ie in all form fields using allow-html="safe"

Thanks: 牛治  for report

Conflicts handled by hand => no functional changes in code (ude to IDE setting)
framework/base/src/main/java/org/apache/ofbiz/base/util/UtilCodec.java


> Post-auth XSS vulnerability at catalog/control/EditProductPromo
> ---
>
> Key: OFBIZ-12096
> URL: https://issues.apache.org/jira/browse/OFBIZ-12096
> Project: OFBiz
>  Issue Type: Sub-task
>  Components: product/catalog
>Affects Versions: Trunk
>Reporter: Jacques Le Roux
>Assignee: Jacques Le Roux
>Priority: Major
>
> This vulnerability was reported by 牛治 :
> Locations:
> * catalog/control/EditProductPromo 
> * catalog/control/EditProductPromoCode 
> Description: the Promo Name and Promo Text input boxes on the 
> EditProductPromo page have not a valid verification and result in an XSS 
> attack. 
> Poc: Encode the characters of "alert('poruin')", and the poc 
> after encoding is as follows 
> "\x3C\x73\x63\x72\x69\x70\x74\x3E\x61\x6C\x65\x72\x74\x28\x27\x70\x6F\x72\x75\x69\x6E\x27\x29\x3C\x2F\x73\x63\x72\x69\x70\x74\x3E"
> As this vulnerability  is a post-auth we did not create a CVE



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (OFBIZ-12096) Post-auth XSS vulnerability at catalog/control/EditProductPromo

2020-12-19 Thread ASF subversion and git services (Jira)



[ 
https://issues.apache.org/jira/browse/OFBIZ-12096?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17252240#comment-17252240
 ] 

ASF subversion and git services commented on OFBIZ-12096:
-

Commit d620550a5f0fb757d2af6f66af0d7b2e19f9cb6f in ofbiz-framework's branch 
refs/heads/release18.12 from Jacques Le Roux
[ https://gitbox.apache.org/repos/asf?p=ofbiz-framework.git;h=d620550 ]

Fixed: Post-auth XSS vulnerability at catalog/control/EditProductPromo 
(OFBIZ-12096)

We missed to unescape EcmaScript encoded strings in
UtilCoded::checkStringForHtmlSafe, ie in all form fields using allow-html="safe"

Thanks: 牛治  for report

Conflicts handled by hand => no functional changes in code (ude to IDE setting)
framework/base/src/main/java/org/apache/ofbiz/base/util/UtilCodec.java


> Post-auth XSS vulnerability at catalog/control/EditProductPromo
> ---
>
> Key: OFBIZ-12096
> URL: https://issues.apache.org/jira/browse/OFBIZ-12096
> Project: OFBiz
>  Issue Type: Sub-task
>  Components: product/catalog
>Affects Versions: Trunk
>Reporter: Jacques Le Roux
>Assignee: Jacques Le Roux
>Priority: Major
>
> This vulnerability was reported by 牛治 :
> Locations:
> * catalog/control/EditProductPromo 
> * catalog/control/EditProductPromoCode 
> Description: the Promo Name and Promo Text input boxes on the 
> EditProductPromo page have not a valid verification and result in an XSS 
> attack. 
> Poc: Encode the characters of "alert('poruin')", and the poc 
> after encoding is as follows 
> "\x3C\x73\x63\x72\x69\x70\x74\x3E\x61\x6C\x65\x72\x74\x28\x27\x70\x6F\x72\x75\x69\x6E\x27\x29\x3C\x2F\x73\x63\x72\x69\x70\x74\x3E"
> As this vulnerability  is a post-auth we did not create a CVE



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (OFBIZ-12096) Post-auth XSS vulnerability at catalog/control/EditProductPromo

[jira] [Commented] (OFBIZ-12096) Post-auth XSS vulnerability at catalog/control/EditProductPromo

[jira] [Commented] (OFBIZ-12096) Post-auth XSS vulnerability at catalog/control/EditProductPromo

[jira] [Commented] (OFBIZ-12096) Post-auth XSS vulnerability at catalog/control/EditProductPromo

[jira] [Commented] (OFBIZ-12096) Post-auth XSS vulnerability at catalog/control/EditProductPromo

[jira] [Commented] (OFBIZ-12096) Post-auth XSS vulnerability at catalog/control/EditProductPromo

6 matches

Site Navigation

Mail list logo

Footer information