  1. JBoss BPMS Platform
  2. RHBPMS-4625

CVE-2017-2674 business-central: Multiple stored XSS in task and process filters [bpms-6.4.x]


    • CR1
    • A new control has been added before displaying the content to avoid the HTML interpretation.

      In business central, go to Tasks. Click on the "+" button to create a new filtered list and then enter something that uses HTML tags, such as *<h1>test</h1>*. Now try to delete the list you just created and you should see that "test" will be shown as an HTML header in the confirmation dialog, indicating that the HTML code was interpreted.

      When you create a new task filtered list in business central, you can use HTML tags for the Name field. Later, when deleting it, the HTML is rendered. Although tags like script seem to be rejected, this could be an entry point for XSS attacks.
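
The report above comes down to a stored name being placed into dialog markup without output encoding. As an added example (not Business Central code; the function names and the dialog wording are assumptions), this JavaScript contrasts the unencoded confirmation message with an encoded one, using the `<h1>test</h1>` name from the reproduction steps, and shows why rejecting only script tags on input does not cover it:

```javascript
// Added example, not Business Central code. All names here are hypothetical.

// Characters that let text break out of an HTML text or attribute context.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Output encoding: apply once, at the point where the value enters markup.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Input-side check that only looks for script tags, similar to the
// behaviour the report observed ("tags like script seem to be rejected").
function rejectsScriptTag(filterName) {
  return /<\s*\/?\s*script\b/i.test(filterName);
}

// "Before": the stored filter name is concatenated into the dialog markup.
// The dialog wording is constructed for this example.
function confirmDeleteMarkupUnsafe(filterName) {
  return '<p>Are you sure you want to delete the filter ' + filterName + '?</p>';
}

// "After": the same message with the name encoded before display.
function confirmDeleteMarkupSafe(filterName) {
  return '<p>Are you sure you want to delete the filter ' + escapeHtml(filterName) + '?</p>';
}

// Regression check: does the message body contain any markup besides the
// wrapper <p> that the application itself emits?
function containsInjectedElement(markup) {
  const inner = markup.replace(/^<p>/, '').replace(/<\/p>$/, '');
  return /<[a-zA-Z\/!]/.test(inner);
}

// Filter name taken from the reproduction steps in the report.
const reportedName = '<h1>test</h1>';

console.log('passes script-only check:', !rejectsScriptTag(reportedName));
console.log('unsafe:', confirmDeleteMarkupUnsafe(reportedName));
console.log('safe:  ', confirmDeleteMarkupSafe(reportedName));
```

Encoding at output keeps names such as `R&D "urgent"` usable as filter names while ensuring they are displayed as text.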

              nmirasch@redhat.com Neus Miras Chueca
              rhn-support-wsiqueir William Siqueira
              Kirill Gaevskii Kirill Gaevskii
              Kirill Gaevskii Kirill Gaevskii