[Geoserver-devel] [JIRA] (GEOS-7545) XSS Vulnerability : Reflected Cross Site Scripting Vulnerability in TestWfsPost Service

_Failed_to_Retrieve · May 20, 2016, 8:29am

Steve Reed created an issue

XSS Vulnerability : Reflected Cross Site Scripting Vulnerability in TestWfsPost Service

Issue Type:	Bug
Affects Versions:	2.8.1
Assignee:	Unassigned
Components:	WFS
Created:	20/May/16 10:28 AM
Environment:	Linux Redhat 6, running in Tomcat 6.0.45 Container
Priority:	Medium
Reporter:	Steve Reed

Reflected Cross Site Scripting Vulnerability in GeoServer TestWfsPost Service

Potentially malicious content can be injected into the post request and is reflected unchanged in the response which may then be actioned in the client browser.

The value of the url request parameter can be altered and submitted e.g

vjoce&lt;a xmlns:a='http://www.w3.org/1999/xhtml'&gt;&lt;a:body onload='alert(1)'/&gt;&lt;/a&gt;oj93zmy1wd1

Example URL
http://localhost:8080/geoserver/TestWfsPost?form_hf_0=&url=vjoce%3Ca%20xmlns%3aa%3d%27http%3a%2f%2fwww.w3.org%2f1999%2fxhtml%27%3E%3Ca%3abody%20onload%3d%27alert%281%29%27%2f%3E%3C%2fa%3Eoj93zmy1wd1

Add Comment

This message was sent by Atlassian JIRA (v1000.5.2#72002-sha1:b4422fe)