Uploaded image for project: 'Solr'
  1. Solr
  2. SOLR-7949

Thers is a xss issue in plugins/stats page of Admin Web UI.

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 4.9, 4.10.4, 5.2.1
    • 5.3.1, 5.4, 6.0
    • Admin UI
    • None

    Description

      Open Solr Admin Web UI, select a core(such as collection1) and then click "Plugins/stats",and type a url like "http://127.0.0.1:8983/solr/#/collection1/plugins/cache?entry=score=<img src=1 onerror=alert(1);> to the browser address, you will get alert box with "1".

      I changed follow code to resolve this problem:
      The Original code:
      for( var i = 0; i < entry_count; i++ )

      { $( 'a[data-bean="' + entries[i] + '"]', frame_element ) .parent().addClass( 'expanded' ); }

      The Changed code:
      for( var i = 0; i < entry_count; i++ )

      { $( 'a[data-bean="' + entries[i].esc() + '"]', frame_element ) .parent().addClass( 'expanded' ); }

      Attachments

        Activity

          People

            janhoy Jan H√łydahl
            davidchiu davidchiu
            Votes:
            0 Vote for this issue
            Watchers:
            6 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: