[MAGNOLIA-3191] The content of log files is not escaped before being rendered via log viewer Created: 05/May/10  Updated: 02/Apr/13  Resolved: 06/May/10

Status: Closed
Project: Magnolia
Component/s: admininterface
Affects Version/s: 4.1.4, 4.2.3, 4.3.1
Fix Version/s: 4.2.4, 4.1.6, 4.3.2

Type: Bug Priority: Critical
Reporter: Jan Haderka Assignee: Jan Haderka
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Template:
Acceptance criteria:
Empty
Task DoD:
[ ]* Doc/release notes changes? Comment present?
[ ]* Downstream builds green?
[ ]* Solution information and context easily available?
[ ]* Tests
[ ]* FixVersion filled and not yet released
[ ]  Architecture Decision Record (ADR)
Bug DoR:
[ ]* Steps to reproduce, expected, and actual results filled
[ ]* Affected version filled

 Description   

Currently content of the log files is assumed to be safe. This assumption is incorrect as the log file might include messages from content entered by users in search form or other input fields on the site and therefore must be escaped.
While the issue impact with properly secured access to AdminCentral (protect access to .magnolia URI from public net) is minimal, I'm setting priority to critical and will push the fix into next maintenance release. Protecting the .magnolia URI means that even should the attacker potentially obtain the session cookie, (s)he would not be able to login to the AdminCentral unless being in the range of addresses from which access is allowed.

Workaround:

  • do not use log viewer in the AdminCentral, but view the log files directly in the file system.

Generated at Mon Feb 12 03:44:05 CET 2024 using Jira 9.4.2#940002-sha1:46d1a51de284217efdcb32434eab47a99af2938b.