Issue Details (XML | Word | Printable)

Key: GERONIMO-1474
Type: Bug Bug
Status: Resolved Resolved
Resolution: Fixed
Priority: Major Major
Assignee: Aaron Mulder
Reporter: Greg Wilkins
Votes: 1
Watchers: 0
Operations

If you were logged in you would be able to see more operations.
Geronimo

Cross site scripting vulnerabilites

Created: 15/Jan/06 09:26 PM   Updated: 13/Mar/07 04:20 AM
Return to search
Component/s: console, security
Affects Version/s: 1.0
Fix Version/s: 1.1, 1.2
Security Level: public (Regular issues)

Time Tracking:
Not Specified

File Attachments:
  File Name Date Attached Attached By Size
Text File Licensed for inclusion in ASF works GERONIMO-1474.patch 2006-01-19 04:01 AM Paul McMahan 2 kB

Patch Info: Patch Available
Resolution Date: 26/Jan/06 06:35 AM


 Description  « Hide
Reported by oliver karow:

The Web-Access-Log viewer does no filtering for html-/script-tags, and
therefore allows attacks against the user of the admin-console:

http://10.10.10.10:8080/jsp-examples/cal/cal2.jsp?time="/><script>alert(document.cookie)</script>

Also reported:

The first one is a classical cross-site scripting in the jsp-examples:
http://10.10.10.10:8080/jsp-examples/cal/cal2.jsp?time="/><script>alert('Gotcha')</script>

 All   Comments   Work Log   Change History   Subversion Commits      Sort Order: Ascending order - Click to sort in descending order
Aaron Mulder made changes - 16/Jan/06 01:48 AM
Field Original Value New Value
Component/s security [ 11143 ]
Fix Version/s 1.1 [ 12310181 ]
Description
Reported by oliver karow:

The Web-Access-Log viewer does no filtering for html-/script-tags, and
therefore allows attacks against the user of the admin-console:

http://10.10.10.10:8080/jsp-examples/cal/cal2.jsp?time="/><script>alert(document.cookie)</script>


Also reported:

The first one is a classical cross-site scripting in the jsp-examples:
http://10.10.10.10:8080/jsp-examples/cal/cal2.jsp?time="/><script>alert('Gotcha')</script>
 Reported by oliver karow:

The Web-Access-Log viewer does no filtering for html-/script-tags, and
therefore allows attacks against the user of the admin-console:

http://10.10.10.10:8080/jsp-examples/cal/cal2.jsp?time="/><script>alert(document.cookie)</script>


Also reported:

The first one is a classical cross-site scripting in the jsp-examples:
http://10.10.10.10:8080/jsp-examples/cal/cal2.jsp?time="/><script>alert('Gotcha')</script>
Paul McMahan made changes - 19/Jan/06 04:01 AM
Attachment GERONIMO-1474.patch [ 12322088 ]
Paul McMahan made changes - 19/Jan/06 04:01 AM
Geronimo Info [Patch Available]
Aaron Mulder made changes - 26/Jan/06 06:35 AM
Assignee Aaron Mulder [ ammulder ]
Status Open [ 1 ] Resolved [ 5 ]
Resolution Fixed [ 1 ]
David Blevins made changes - 04/Aug/06 10:28 PM
Workflow jira [ 12345730 ] RTC Workflow [ 12378306 ]
Alan Cabrera made changes - 07/Aug/06 03:04 PM
Workflow RTC Workflow [ 12378306 ] jira [ 12380078 ]

Powered by a free Atlassian JIRA open source license for Apache Software Foundation. Try JIRA - bug tracking software for your team.
Atlassian JIRA the Professional Issue Tracker. (Enterprise Edition, Version: 3.13.2-#335) - Bug/feature request - Atlassian news - Contact Administrators