[NXP-4547] WebEngine cross-site scripting (XSS) issues - Nuxeo Issue Tracker

XML

Word

Printable

Details

Type: Bug
Status: Resolved
Priority: Critical
Resolution: Fixed
Affects Version/s: 5.3 GA
Fix Version/s: 5.3.1
Component/s: WebEngine

Tags:
- xss

Description

Some WebEngine templates don't properly escape their variables and thus are XSS vectors.

no_site.ftl / no_blog.ftl:
http://localhost:8080/nuxeo/site/sites/%3Cimg%20src=.%20onerror=alert(123)%20%3E

list_sites.ftl:
Use a blog name <img src=. onerror=alert(4) >

error_create_page.ftl:
?

Attachments

Activity

People

Assignee:

Sun Tan

Reporter:

Florent Guillaume

Participants:

Florent Guillaume, Sun Tan

Votes:

0 Vote for this issue

Watchers:

0 Start watching this issue

Dates

Created:

2010-01-12 13:16

Updated:

2014-06-02 15:59

Resolved:

2010-02-01 16:51