Description

In the XSS Protection API module before 1.0.12 in Apache Sling, the encoding done by the XSSAPI.encodeForJSString() method is not restrictive enough and for some input patterns allows script tags to pass through unencoded, leading to potential XSS vulnerabilities.

Remediation

References

http://www.securityfocus.com/bid/99870

https://lists.apache.org/thread.html/332166037a54b97cf41e2b616aaed38439de94b19b204841478e4525%40%3Cdev.sling.apache.org%3E

Related Vulnerabilities

CVE-2017-7667 Vulnerability in maven package org.apache.nifi:nifi

CVE-2017-14949 Vulnerability in maven package org.restlet.osgi:org.restlet

CVE-2023-26139 Vulnerability in npm package underscore-keypath

CVE-2022-33987 Vulnerability in maven package org.webjars.npm:got

CVE-2018-11761 Vulnerability in maven package org.apache.tika:tika-parsers

Severity

High

Classification

CWE-79 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Third Party Advisory VDB Entry