Uploaded image for project: 'Build'
  1. Build
  2. BUILD-541

Update to FreeMarker 2.3.31

    XMLWordPrintable

Details

    • Yes

    Description

      Begin forwarded message:
      From: Mal Aware <awaremal@gmail.com>

      Subject: FreeMarker Restriction Bypass in Magnolia 6.2.11

      Date: 21 September 2021 at 17:50:11 CEST

      To: support@magnolia-cms.com

      Hello, 
      During a security assessment the following vulnerability has been found in Magnolia v6.2.11:

      1. FreeMarker Restriction Bypass: Magnolia uses the Java FreeMarker Template parser in order to display dynamic content in the web application. Although the application implements restrictions against FreeMarker and Java dangerous elements, a bypass was found that circumvents these restrictions and can be leveraged by attackers to obtain Remote Code Execution.

      More details and the exploitation process can be found in the attached PDF.
       
      Have a nice day,
      Mal


      DEV NOTES

      This vulnerability has been fixed in FreeMarker 2.3.30 with https://issues.apache.org/jira/browse/FREEMARKER-124 - Magnolia currently uses version 2.3.29 (6.2.x) and 2.3.28 (5.7.x)

      Checklists

        Acceptance criteria

        Attachments

          Issue Links

            Activity

              People

                fgrilli Federico Grilli
                rkovarik Roman Kovařík
                Jean-Marc Fazan, Nico Kirch
                Votes:
                1 Vote for this issue
                Watchers:
                6 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved:

                  Checklists

                    Task DoR

                    Jenkins

                      Latest 10/Nov/21 11:12 AM