JSPWiki / JSPWIKI-1107

uploading attachments with illegal filename causes XSS vulnerability


Details

• Type: Bug
• Status: Closed
• Priority: Major
• Resolution: Fixed
• Affects Version/s: 2.11.0-M3
• Fix Version/s: None
• Component/s: Templates and UI
• Labels: None

Description

Create a file with the name <img src=x onerror=alert`1`> and upload this file to an existing page.

You get the JS popup while doing the upload, and anyone visiting the download tab of that JSP will also get the JS popup.
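The root cause the report describes is an attachment name written into the page as raw markup. The following is an added illustration, not JSPWiki's own code or the attached patch: a hypothetical helper that shows the unescaped rendering beside a hardened version that HTML-encodes the name in both attribute and text context, plus an upload-time allowlist check as defence in depth. The class name, method names and the `attach/` link prefix are assumptions.

```java
import java.util.regex.Pattern;

/** Hypothetical helpers for rendering and validating attachment names (added example). */
public final class AttachmentNameGuard {
    // Upload-time allowlist: word characters, dot, dash and space only. Anything else is refused.
    private static final Pattern SAFE_NAME = Pattern.compile("^[\\w .-]{1,255}$");

    /** Encode the HTML metacharacters so the name is rendered as text, never parsed as markup. */
    public static String escapeHtml(String name) {
        StringBuilder sb = new StringBuilder(name.length() + 16);
        for (char c : name.toCharArray()) {
            switch (c) {
                case '<':  sb.append("&lt;");   break;
                case '>':  sb.append("&gt;");   break;
                case '&':  sb.append("&amp;");  break;
                case '"':  sb.append("&quot;"); break;
                case '\'': sb.append("&#39;");  break;
                default:   sb.append(c);
            }
        }
        return sb.toString();
    }

    /** Defence in depth: reject names that fail the allowlist before they are stored. */
    public static boolean isSafeName(String name) {
        return name != null && SAFE_NAME.matcher(name).matches();
    }

    /** Vulnerable rendering: the stored name is concatenated raw into the download tab. */
    public static String renderUnsafe(String name) {
        return "<a href=\"attach/" + name + "\">" + name + "</a>";
    }

    /** Hardened rendering: the name is escaped in the attribute and in the text node. */
    public static String renderSafe(String name) {
        String safe = escapeHtml(name);
        return "<a href=\"attach/" + safe + "\">" + safe + "</a>";
    }

    public static void main(String[] args) {
        // Constructed input matching the name given in the report.
        String reported = "<img src=x onerror=alert`1`>";
        System.out.println(renderUnsafe(reported)); // img element reaches the browser and executes
        System.out.println(renderSafe(reported));   // name is shown as literal text
        System.out.println(isSafeName(reported));   // false: such an upload is refused outright
    }
}
```

Output encoding at render time is the actual fix for stored XSS; the allowlist only narrows what can be stored and does not replace it.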

Attachments

1. JSPWIKI-1107.patch (0.9 kB) — Harry Metske

People

• Assignee: Unassigned
• Reporter: metskem (Harry Metske)
• Votes: 0
• Watchers: 2
