Uploaded image for project: 'Solr'
  1. Solr
  2. SOLR-7920

Thers is a xss issue in schema-browser page of Admin Web UI.

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 4.9, 4.10.4, 5.2.1
    • Fix Version/s: 5.3
    • Component/s: Admin UI
    • Labels:
      None

      Description

      Open Solr Admin Web UI, select a core(such as collection1) and then click "schema-browse",and input a url like "http://127.0.0.1:8983/solr/#/collection1/schema-browser?field=cat=<img src=1 onerror=alert(1);>" to the browser address, you will get alert box with "1".

      I changed follow code to void this problem:
      Original code:
      $( 'option[value="' + params.route_params.path + '"]', related_select_element )
      .attr( 'selected', 'selected' );

      Changed code:
      $( 'option[value="' + params.route_params.path.esc() + '"]', related_select_element )
      .attr( 'selected', 'selected' );

        Attachments

          Activity

            People

            • Assignee:
              upayavira Upayavira
              Reporter:
              davidchiu davidchiu
            • Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: