XSS vulnerability in Wiki preview

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 6.1.1 CE GA2, 6.1.20 EE GA2
Fix Version/s: 6.1.X EE, 6.2.0 CE M2, 6.2.0 CE M3
Component/s: Collaboration, Collaboration > Wiki, Security
Labels:
None

Branch Version/s:

6.1.x
Backported to Branch:

Committed
Fix Priority:
4
Similar Issues:
Show 4 results

Description

Reproduction steps:

Deploy AntiSamy Hook
Add Wiki Portlet to a page
Edit Front page and choose for HTML format
Click on Source and add some XSS ("><script>alert('Wiki Page Preview');</script>)
Save the page
Content has been sanitized OK
Edit the page again as previously
Click the Preview button

The alert message is displayed.

Activity

Ascending order - Click to sort in descending order

Hide

Permalink

Kenji Heigel added a comment - 21/Dec/12 5:37 PM

Committed on:
Portal 6.1.x EE GIT ID: fa24999015f6ffdb29620838226f2ee20202de9d.
Portal 6.2.x GIT ID: d10c9eada83ab17611a59d448927820abe60a336.

Show

Kenji Heigel added a comment - 21/Dec/12 5:37 PM Committed on: Portal 6.1.x EE GIT ID: fa24999015f6ffdb29620838226f2ee20202de9d. Portal 6.2.x GIT ID: d10c9eada83ab17611a59d448927820abe60a336.

Hide

Permalink

Kenji Heigel added a comment - 21/Dec/12 5:54 PM

PASSED Manual Testing following the steps in the description.

Reproduced on:
Tomcat 7.0.27 + MySQL 5. Portal 6.1.x EE GIT ID: f513cc6488dd6bbcbe295e0b7b86f9b1cef47af2.
Plugins 6.1.x EE GIT ID: 32aab040a271633cd74777a515baa9c93efef0cd.
Tomcat 7.0.27 + MySQL 5. Portal 6.2.x GIT ID: b8b08350ea430cb0b6a601d1b88a3272436efaad.
Plugins 6.2.x GIT ID: de5c6d7ccdc0a49f4fb8a7de0c7be4f6eaed80c5.

With the AntiSamy Hook deployed, the XSS popup appears after clicking preview.

Fixed on:
Tomcat 7.0.27 + MySQL 5. Portal 6.1.x EE GIT ID: fa24999015f6ffdb29620838226f2ee20202de9d.
Plugins 6.1.x EE GIT ID: 32aab040a271633cd74777a515baa9c93efef0cd.
Tomcat 7.0.27 + MySQL 5. Portal 6.2.x GIT ID: 8dec877554fa4078bf77006b3a8875c55af3cb31.
Plugins 6.2.x GIT ID: de5c6d7ccdc0a49f4fb8a7de0c7be4f6eaed80c5.

With the AntiSamy Hook deployed, the XSS popup does not appear upon clicking preview.

Show

Kenji Heigel added a comment - 21/Dec/12 5:54 PM PASSED Manual Testing following the steps in the description. Reproduced on: Tomcat 7.0.27 + MySQL 5. Portal 6.1.x EE GIT ID: f513cc6488dd6bbcbe295e0b7b86f9b1cef47af2. Plugins 6.1.x EE GIT ID: 32aab040a271633cd74777a515baa9c93efef0cd. Tomcat 7.0.27 + MySQL 5. Portal 6.2.x GIT ID: b8b08350ea430cb0b6a601d1b88a3272436efaad. Plugins 6.2.x GIT ID: de5c6d7ccdc0a49f4fb8a7de0c7be4f6eaed80c5. With the AntiSamy Hook deployed, the XSS popup appears after clicking preview. Fixed on: Tomcat 7.0.27 + MySQL 5. Portal 6.1.x EE GIT ID: fa24999015f6ffdb29620838226f2ee20202de9d. Plugins 6.1.x EE GIT ID: 32aab040a271633cd74777a515baa9c93efef0cd. Tomcat 7.0.27 + MySQL 5. Portal 6.2.x GIT ID: 8dec877554fa4078bf77006b3a8875c55af3cb31. Plugins 6.2.x GIT ID: de5c6d7ccdc0a49f4fb8a7de0c7be4f6eaed80c5. With the AntiSamy Hook deployed, the XSS popup does not appear upon clicking preview.

People

Assignee:

Kenji Heigel

Reporter:

Tamas Molnar

Participants of an Issue:

Kenji Heigel, Tamas Molnar

Vote (0)

Watch (0)

Dates

Created:

19/Dec/12 6:10 AM

Updated:

03/Apr/13 4:56 PM

Resolved:

21/Dec/12 2:58 PM

Days since last comment:

25 weeks, 5 days ago

Agile

View on Board

~~LPS-3152~~	XSS vulnerability in custom attributes
~~LPS-3176~~	XSS vulnerability in password policies
~~LPS-11495~~	XSS vulnerability in Wiki
~~LPS-3286~~	XSS vulnerability in <title> and <meta> tags