Description
In the XSS Protection API module before 1.0.12 in Apache Sling, the encoding done by the XSSAPI.encodeForJSString() method is not restrictive enough and for some input patterns allows script tags to pass through unencoded, leading to potential XSS vulnerabilities.
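As an added illustration, not Apache Sling's code: a hypothetical JS-string encoder that escapes only quotes and backslashes (so raw `<`, `>` and `/` pass through, the class of gap the description refers to), next to a hardened one that escapes every code unit outside [A-Za-z0-9] as `\uXXXX`, plus the two checks a test suite can apply to either encoder (no raw markup characters in the output; the escapes still round-trip to the original value). The function names and the weak behaviour are assumptions for illustration.

```javascript
// Added example, not Apache Sling code. The encoder names and the weak
// behaviour are assumptions used to illustrate the class of bug.

// Hypothetical weak encoder: escapes only quotes and backslashes, so "<", ">"
// and "/" pass through and a value containing "</script>" can terminate the
// enclosing <script> element even though the JS string literal itself is intact.
function weakEncodeForJSString(s) {
  return s.replace(/\\/g, "\\\\").replace(/"/g, '\\"').replace(/'/g, "\\'");
}

// Hardened encoder: every UTF-16 code unit outside [A-Za-z0-9] becomes \uXXXX.
// The output can only contain letters, digits and backslash-u escapes, so no
// raw "<" or "/" survives and the literal cannot close a <script> block.
function hardenedEncodeForJSString(s) {
  let out = "";
  for (let i = 0; i < s.length; i++) {
    const code = s.charCodeAt(i);
    const alnum =
      (code >= 0x30 && code <= 0x39) ||
      (code >= 0x41 && code <= 0x5a) ||
      (code >= 0x61 && code <= 0x7a);
    out += alnum ? s[i] : "\\u" + code.toString(16).toUpperCase().padStart(4, "0");
  }
  return out;
}

// Output-side check a test suite can run against any JS-string encoder:
// output destined for a <script> block must not carry raw markup characters.
function containsRawMarkup(encoded) {
  return /[<>&\/]/.test(encoded);
}

// Round-trip check: the escapes must still decode to the original value.
// Only \uXXXX escapes and alphanumerics are emitted, so JSON.parse can decode
// the literal without evaluating any script.
function decodeJSStringLiteral(encoded) {
  return JSON.parse('"' + encoded + '"');
}

// Constructed sample input: a value that tries to close the script element.
const payload = "</script><script>x()</script>";
console.log(containsRawMarkup(weakEncodeForJSString(payload)));     // true
console.log(containsRawMarkup(hardenedEncodeForJSString(payload))); // false
console.log(decodeJSStringLiteral(hardenedEncodeForJSString(payload)) === payload); // true
```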
Remediation
References
http://www.securityfocus.com/bid/99870
https://lists.apache.org/thread.html/332166037a54b97cf41e2b616aaed38439de94b19b204841478e4525%40%3Cdev.sling.apache.org%3E