Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Blocker
Fix Version/s: 3.0.5.Final
Affects Version/s: 3.0.4.Final
Component/s: None
Labels:
None

Git Pull Request:
https://github.com/hal/console/commit/b7e85dc3498d4ef9b6cb6dc615eaca08f25acb55

There is a vulnerability in HAL not properly escaping html characters from resource names, see example below:

[standalone@localhost:9990 /] deploy /home/darranl/src/wildfly13/elytron-examples/simple-webapp/target/simple-webapp.war --name=xss<svg/onload=alert(document.domain)>xss --disabled

[standalone@localhost:9990 /] /system-property="xss<svg/onload=alert(document.domain)>xss":add(value=test)

When loading either the system property view or opening the deployment view, the javascript onload is loaded.

is incorporated by

WFLY-10936 Upgrade HAL to 3.0.5.Final

Closed

WFLY-11408 Upgrade HAL to 3.1.2.Final

Closed

Assignee:: Claudio Miranda

Reporter:: Claudio Miranda

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: 2018/08/27 4:28 PM

Updated:: 2018/12/04 4:57 AM

Resolved:: 2018/08/27 8:39 PM