XWiki Platform / XWIKI-8593

XSS in images and links using on* parameter.


Details

    • Bug
    • Resolution: Duplicate
    • Major
    • None
    • 4.2-milestone-2
    • Rendering
    • Unknown

    Description

      When passing parameters to images or links, one can also pass the JavaScript on* event-handler parameters (onerror, onclick, etc.), which allows the execution of arbitrary JS code.

      Examples:

      • [[image:1.jpg||onerror="javascript:alert(0)"]]
      • [[label>>WebHome||onclick="javascript:alert(0)"]]

      These parameters should be excluded from rendering.

      As reported by http://www.exploit-db.com/exploits/20856/
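      A defensive filter, added here as an illustration and not XWiki's own rendering code: it parses the `||` parameter section of XWiki 2.x link/image syntax and drops every parameter whose name starts with "on" (case-insensitive) before the construct reaches the renderer, run on the two examples above. The regexes and function names are assumptions, not XWiki APIs.

```python
import re

# Parameter section of XWiki 2.x link/image syntax: [[target||k="v" k2='v2']].
# The target group excludes ']' so one match cannot span two constructs.
SYNTAX_RE = re.compile(r"\[\[([^\]]*?)\|\|(.*?)\]\]", re.DOTALL)
# One key="value" or key='value' pair inside the parameter section.
PARAM_RE = re.compile(r"""([A-Za-z_:][\w:.-]*)\s*=\s*("[^"]*"|'[^']*')""")


def is_event_handler(name: str) -> bool:
    """True for any HTML event-handler attribute name (onerror, onclick, ONLOAD, ...)."""
    return name.strip().lower().startswith("on")


def strip_event_params(markup: str):
    """Remove on* parameters from every [[...||params]] construct in markup.

    Returns (sanitized_markup, dropped_parameter_names) so a renderer can both
    emit safe output and log what was rejected.
    """
    dropped = []

    def rewrite(match):
        target, params = match.group(1), match.group(2)
        kept = []
        for pm in PARAM_RE.finditer(params):
            name, value = pm.group(1), pm.group(2)
            if is_event_handler(name):
                dropped.append(name)
            else:
                kept.append(f"{name}={value}")  # keep original quoting
        if kept:
            return f"[[{target}||{' '.join(kept)}]]"
        return f"[[{target}]]"  # nothing left after '||': drop the separator too

    return SYNTAX_RE.sub(rewrite, markup), dropped


if __name__ == "__main__":
    # Constructed input: the two payloads from the report plus a benign parameter.
    sample = ('[[image:1.jpg||onerror="javascript:alert(0)"]] '
              '[[label>>WebHome||onclick="javascript:alert(0)"]] '
              '[[image:2.jpg||width="100" alt="logo"]]')
    clean, rejected = strip_event_params(sample)
    print(clean)
    print("dropped:", rejected)
```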

      People

        surli Simon Urli
        enygma Eduard Moraru