Uploaded image for project: 'XWiki Platform'
  1. XWiki Platform
  2. XWIKI-9118

XSS in restricted context via html macro

    XMLWordPrintable

Details

    • High
    • Medium
    • N/A
    • N/A

    Description

      To reproduce, just put the following comment on any page :

      {{html}}
<a href='' onclick='alert("xss")'>XSS</a>
{{/html}}

      Comments are executed in a restricted context won which we disabled server side scripting for example, so it sounds equally necessary to filter out client side scripting.

      Attachments

        Issue Links

          depends on

          Bug - A problem which impairs or prevents the functions of the product. XWIKI-18049 Improve the html escaping mechanism for XSS protection

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed

          Improvement - An improvement or enhancement to an existing feature or task. XCOMMONS-1680 Filter Html attributes in restricted mode based on a whitelist

          • Major - Major loss of function.
          • Closed
          is duplicated by

          Task - A task that needs to be done. XWIKI-9147 Secure the HTML macro

          • Major - Major loss of function.
          • Closed

          Improvement - An improvement or enhancement to an existing feature or task. XWIKI-4874 Restrict unsafe HTML/JavaScript features of Wiki syntax to trusted users

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Closed
          is related to

          Task - A task that needs to be done. XWIKI-7878 Add a 'restricted' parameter to transformation context to enable a safe rendering mode

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed
          relates to

          Bug - A problem which impairs or prevents the functions of the product. XWIKI-18568 Multiple instances of stored cross-site scripting (XSS) via editor and HTML macro

          • Blocker - Blocks development and/or testing work, production could not run.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. XWIKI-19514 XSS using a JSX object

          • Blocker - Blocks development and/or testing work, production could not run.
          • Closed
          links to

          Web Link GitHub Security advisory

          Activity

            People

              MichaelHamann Michael Hamann
              thomas_delafosse Thomas Delafosse
              Alex Busenius, Richard Curteis, Stuart Walker
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: