[OFBIZ-12582] Prevent post-Auth vulnerability: FreeMarker Bypass - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Sub-task
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 18.12.05
Fix Version/s: 18.12.06, 22.01.01
Component/s: content
Labels:
None

Sprint:
Bug Crush Event - 21/2/2015

Description

By inserting malicious content in the “Text” field from “/content/control/updateLayoutSubContent” -> “Templates”, an attacker may perform SSTI (Server-Side Template Injection) attacks, which can leverage FreeMarker exposed objects to bypass restrictions and obtain RCE (Remote Code Execution).

This FreeMarker SSTI was used to re-exploit vulnerability GHSL-2020-070

Attachments

Activity

People

Assignee:: Jacques Le Roux

Reporter:: Jacques Le Roux

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 23/Feb/22 10:46

Updated:: 26/Feb/22 10:20

Resolved:: 24/Feb/22 16:52