Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Major Major
    • Resolution: Duplicate
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: Framework
    • Labels:
      None
    • Environment:
      Windows WebLogic App Server

      Description

      The ice.view parameter of the framework is not properly validated. it is possible to inject values that might be executed as javascript in browsers

      the following request:
      ice.view=<a%20xmlns%3aa%3d'http%3a//www.w3.org/1999/xhtml&#39;&gt;&lt;a%3abody%20onload%3d&#39;alert(1)&#39;/&gt;&lt;/a>


      leads to the following response from the system:
      <reload view="<a xmlns:a='http://www.w3.org/1999/xhtml&#39;&gt;&lt;a:body onload='alert(1)'/></a>"/>

      Testing was conducted on ICEfaces 1.8.X. If this bug has been fixed in a later release, please provide further information.
      1. xss.txt
        0.2 kB
        Thomas Jaehnel

        Activity

        There are no subversion log entries for this issue yet.

          People

          • Assignee:
            Unassigned
            Reporter:
            Thomas Jaehnel
          • Votes:
            2 Vote for this issue
            Watchers:
            5 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: