TitleJSP page processes the supplied JavaScript/HTML code in the textbox when submit button is clicked.
Date24-Mar-2006 09:33:30 EET
Version
Submitter195.153.160.113
Bug criticalityCriticalBug
Browser versionIE 6
Bug statusClosedBug
PageProvider used
Servlet ContainerTomcat 4.1.12
Operating SystemWindows 2000 sp4
URL
Java versionJDK 1.4.2

When we enter enter in any JavaScript/HTML code in a search field, If the system doesn't find an object that matches the specified criteria, the entered code is being processed in the message that reports about empty results. This is a XSS vulnerablity security hole as it is possible for the hacker to steal the cookies from the session when the submite button is clicked.


Oops. Will be fixed in the next upload.


Hmm... It appears that JSPWiki 2.3.88 is not vulnerable to this. Can you please check it or provide step-by-step instructions?

-- JanneJalkanen


Closing; 2.4 is not vulnerable.

Add new attachment

Only authorized users are allowed to upload new attachments.
« This page (revision-2) was last changed on 10-Sep-2006 02:13 by JanneJalkanen