[MGNLDAM-171] XSS vulnerability of Assets
Created: 13/Mar/13  Updated: 05/Mar/14  Resolved: 13/Mar/13

Status: Closed
Project: Magnolia DAM Module
Component/s: None
Affects Version/s: None
Fix Version/s: 1.0

Type: Bug Priority: Critical
Reporter: Roman Kovařík Assignee: Roman Kovařík
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Relates
relates to MGNLDAM-416 Ensure that the DamTemplatingFunction... Closed
dependency
is depended upon by MGNLSTK-1105 Escape values for rendering, don't es... Closed

 Description   

MGNLSTK-1105 removed escaping from the FTL templates. The values are already escaped by HTMLEscapingNodeWrapper (MGNLSTK-1103).
Because the nodes for assets are taken directly from the session, they aren't wrapped, which causes an XSS vulnerability in the image properties.

Steps to reproduce:

  1. Enter an XSS payload as the Subject and Description of an asset that appears in http://localhost:8080/magnoliaAuthor/demo-project/multimedia/image-gallery.html.
  2. Open the image gallery page.
    -> XSS exploit.
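
The wrapped-versus-unwrapped difference described in this issue, as an added sketch that is not Magnolia's code or part of the original ticket. `Node`, `RawNode`, `EscapingNode`, `escapeHtml` and `renderCaption` are hypothetical stand-ins for a content node, the escaping wrapper and a template that does no escaping of its own; the sample value is constructed.

```java
import java.util.Map;
// Simplified model (assumption): NOT the Magnolia/JCR API. "Node" is a
// hypothetical one-method interface standing in for a content node.
public class EscapingWrapperDemo {
    interface Node {
        String getProperty(String name);
    }

    // Raw node as it would come straight from a session lookup.
    record RawNode(Map<String, String> props) implements Node {
        public String getProperty(String name) {
            return props.getOrDefault(name, "");
        }
    }

    // Decorator that HTML-escapes every property value on read.
    record EscapingNode(Node delegate) implements Node {
        public String getProperty(String name) {
            return escapeHtml(delegate.getProperty(name));
        }
    }

    static String escapeHtml(String s) {
        StringBuilder out = new StringBuilder(s.length());
        for (char c : s.toCharArray()) {
            switch (c) {
                case '&' -> out.append("&amp;");
                case '<' -> out.append("&lt;");
                case '>' -> out.append("&gt;");
                case '"' -> out.append("&quot;");
                case '\'' -> out.append("&#39;");
                default -> out.append(c);
            }
        }
        return out.toString();
    }

    // Template stand-in: does no escaping itself and trusts the node it is handed.
    static String renderCaption(Node asset) {
        return "<figcaption>" + asset.getProperty("subject") + "</figcaption>";
    }

    public static void main(String[] args) {
        // Constructed sample value containing markup.
        Node raw = new RawNode(Map.of("subject", "<b>Sunset</b> & \"sea\""));
        System.out.println("unwrapped: " + renderCaption(raw));
        System.out.println("wrapped:   " + renderCaption(new EscapingNode(raw)));
    }
}
```

When the template layer relies on the wrapper for escaping, every code path that hands a node to a template has to return the wrapped form; a test that renders a property containing markup through each such path catches an unwrapped one.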
