Description

In the XSS Protection API module before 1.0.12 in Apache Sling, the encoding done by the XSSAPI.encodeForJSString() method is not restrictive enough and for some input patterns allows script tags to pass through unencoded, leading to potential XSS vulnerabilities.

Remediation

References

http://www.securityfocus.com/bid/99870

https://lists.apache.org/thread.html/332166037a54b97cf41e2b616aaed38439de94b19b204841478e4525%40%3Cdev.sling.apache.org%3E

Related Vulnerabilities

CVE-2020-8127 Vulnerability in maven package org.webjars.npm:reveal.js

CVE-2022-47105 Vulnerability in maven package org.jeecgframework.boot:jeecg-module-system

CVE-2023-40037 Vulnerability in maven package org.apache.nifi:nifi-dbcp-base

CVE-2022-43417 Vulnerability in maven package org.jenkins-ci.plugins:katalon

CVE-2022-43418 Vulnerability in maven package org.jenkins-ci.plugins:katalon

Severity

High

Classification

CWE-79 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Third Party Advisory VDB Entry