ICEfaces
  1. ICEfaces
  2. ICE-6657

XSS in ice.view parameter

          Details

          • Type: Bug Bug
          • Status: Closed
          • Priority: Major Major
          • Resolution: Duplicate
          • Affects Version/s: None
          • Fix Version/s: None
          • Component/s: Framework
          • Labels:
            None
          • Environment:
            Windows WebLogic App Server

            Description

            The ice.view parameter of the framework is not properly validated. it is possible to inject values that might be executed as javascript in browsers

            the following request:
            ice.view=<a%20xmlns%3aa%3d'http%3a//www.w3.org/1999/xhtml&#39;&gt;&lt;a%3abody%20onload%3d&#39;alert(1)&#39;/&gt;&lt;/a>


            leads to the following response from the system:
            <reload view="<a xmlns:a='http://www.w3.org/1999/xhtml&#39;&gt;&lt;a:body onload='alert(1)'/></a>"/>

            Testing was conducted on ICEfaces 1.8.X. If this bug has been fixed in a later release, please provide further information.
            1. Text File
              xss.txt
              0.2 kB
              Thomas Jaehnel

              Activity

              Ascending order - Click to sort in descending order
              Hide
              Permalink
              Thomas Jaehnel added a comment -

              original request line + response line are in attached text file.
              please comment if you need further information.

              Show
              Thomas Jaehnel added a comment - original request line + response line are in attached text file. please comment if you need further information.
              Hide
              Permalink
              Frank Troia added a comment -

              I'm also curious to know if this issue has been fixed in a later release. Thanks!

              Show
              Frank Troia added a comment - I'm also curious to know if this issue has been fixed in a later release. Thanks!
              Hide
              Permalink
              Arran Mccullough added a comment -

              Issue has been resolved in the ICEfaces EE 1.8.2 P01 release.

              Show
              Arran Mccullough added a comment - Issue has been resolved in the ICEfaces EE 1.8.2 P01 release.
              Hide
              Permalink
              Vikram G added a comment -

              in the download page (http://www.icesoft.org/java/downloads/icefaces-1.8-downloads.jsf) am not able to find ICEfaces EE 1.8.2 P01 release version. Could you please share th link Thanks In Advance.

              Show
              Vikram G added a comment - in the download page ( http://www.icesoft.org/java/downloads/icefaces-1.8-downloads.jsf ) am not able to find ICEfaces EE 1.8.2 P01 release version. Could you please share th link Thanks In Advance.
              Hide
              Permalink
              Shravan Kumar Raju G added a comment -

              In which version of the icefaces the ice.view or ice.focus issues are fixed.

              Show
              Shravan Kumar Raju G added a comment - In which version of the icefaces the ice.view or ice.focus issues are fixed.
              Hide
              Permalink
              Ken Fyten added a comment -

              Resolved via ICE-10998.

              Show
              Ken Fyten added a comment - Resolved via ICE-10998 .

                People

                • Assignee:
                  Unassigned
                  Reporter:
                  Thomas Jaehnel
                • Votes:
                  2 Vote for this issue
                  Watchers:
                  5 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: