[JSPWIKI-1107] uploading attachments with illegal filename causes XSS vulnerability - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 2.11.0-M3
Fix Version/s: None
Component/s: Templates and UI
Labels:
None

Description

Create a file with the name <img src=x onerror=alert`1`> and upload this file to an existing page.

You get the JS popup doing the upload, and anyone visiting the download tab of that jsp will also get the JS popup.

Attachments

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

JSPWIKI-1107.patch
22/Apr/19 13:07
0.9 kB
Harry Metske

Activity

People

Assignee:: Unassigned

Reporter:: Harry Metske

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 22/Apr/19 13:04

Updated:: 29/May/19 22:29

Resolved:: 03/May/19 18:41