myfaces-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "rajat (JIRA)" <...@myfaces.apache.org>
Subject [jira] Commented: (TOMAHAWK-983) Cross-site scripting in autoscroll parameter
Date Fri, 15 Jun 2007 12:40:26 GMT

    [ https://issues.apache.org/jira/browse/TOMAHAWK-983?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12505214
] 

rajat commented on TOMAHAWK-983:
--------------------------------

Thanks Manfred for fixing this.  In hindsight, it would have more sense to put it as critical
as it was a universal issue.  Will keep it in mind for future vulnerabilities ;-)

> Cross-site scripting in autoscroll parameter
> --------------------------------------------
>
>                 Key: TOMAHAWK-983
>                 URL: https://issues.apache.org/jira/browse/TOMAHAWK-983
>             Project: MyFaces Tomahawk
>          Issue Type: Bug
>          Components: ExtensionsFilter
>    Affects Versions: 1.1.1, 1.1.2, 1.1.3, 1.1.5
>         Environment: Apache/2.0.59 (Unix) mod_ssl/2.0.59 OpenSSL/0.9.7d
>            Reporter: rajat
>            Assignee: Manfred Geiler
>            Priority: Critical
>             Fix For: 1.1.6
>
>
> The autoscroll parameter inserted in the requests is vulnerable to cross-site scripting
attacks.  
> If the POST request containing the autoscroll parameter is fuzzed to include something
on the lines of "autoScroll=0%2C275);//--></script><IMG%20src="bla"%20onerror="alert(document.cookie)"><script>(
", one can see the JavaScript pop-up.  This appears to be a vulnerability throughout the JSF
apps.  

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message