Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS04YzgyLTlyZ3AtNHF2cs4AAV9O
Improper Neutralization of Input During Web Page Generation Apache Sling Servlets Post
The Javascript method Sling.evalString() in Apache Sling Servlets Post before 2.3.22 uses the javascript 'eval' function to parse input strings, which allows for XSS attacks by passing specially crafted input strings.
Permalink: https://github.com/advisories/GHSA-8c82-9rgp-4qvrJSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS04YzgyLTlyZ3AtNHF2cs4AAV9O
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: almost 2 years ago
Updated: over 1 year ago
CVSS Score: 6.1
CVSS vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Identifiers: GHSA-8c82-9rgp-4qvr, CVE-2017-9802
References:
- https://nvd.nist.gov/vuln/detail/CVE-2017-9802
- https://issues.apache.org/jira/browse/SLING-7041
- https://lists.apache.org/thread.html/2f4b8333e44c6e7e0b00933bd4204ce64829952f60dbb6814f2cdf91@%3Cdev.sling.apache.org%3E
- http://packetstormsecurity.com/files/143758/Apache-Sling-Servlets-Post-2.3.20-Cross-Site-Scripting.html
- http://www.securityfocus.com/archive/1/541024/100/0/threaded
- http://www.securityfocus.com/bid/100284
- https://github.com/advisories/GHSA-8c82-9rgp-4qvr
Affected Packages
maven:org.apache.sling:org.apache.sling.servlets.post
Dependent packages: 84Dependent repositories: 676
Downloads:
Affected Version Ranges: < 2.3.22
Fixed in: 2.3.22
All affected versions: 2.1.0, 2.1.2, 2.2.0, 2.3.0, 2.3.2, 2.3.4, 2.3.6, 2.3.8, 2.3.10, 2.3.12, 2.3.14, 2.3.16, 2.3.18, 2.3.20
All unaffected versions: 2.3.22, 2.3.24, 2.3.26, 2.3.28, 2.3.30, 2.3.32, 2.3.34, 2.3.36, 2.4.2, 2.4.4, 2.4.6, 2.5.0, 2.6.0