XSS vulnerability in opencms v9.0.1 workplace
One of our client's pen testing companies raised a high priority issue stating that the Alkacon OpenCms 9.0.1 workplace is XSS prone and allows remote attackers to inject arbitrary web script or HTML. Below are some of the URL examples and parameters that were found to be vulnerable, but there seem to be many others.

Affected URLs:
Parameters Affected:
reporttype, style, threadhasnext

Parameters Affected:

Parameters Affected: acttarget

Recommended solution from one of the pen testing companies is:
perform HTML and/or JavaScript escaping before displaying any content

Has anyone encountered a similar issue, and does anyone have any suggestions on fixing this without going too much into the OpenCms code, please? We already raised a call with OpenCms at https://github.com/alkacon/opencms-core/issues/261 but haven't heard anything back yet!

Thanking you in advance for any advice,

Note to admin: I tried raising a thread earlier and I think the session timed out before I submitted. Please delete if there is a duplicate entry still created in the backend.
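
The recommendation quoted in the post (escape for the HTML or JavaScript context before output), sketched as an added example that is not part of the original post and is not OpenCms code. The class name, method names and sample values are made up for illustration; only the parameter names come from the post.

```java
import java.util.LinkedHashMap;
import java.util.Map;

public class OutputEscaping {

    // Escape for HTML element content and quoted attribute values.
    static String forHtml(String s) {
        StringBuilder out = new StringBuilder(s.length() + 16);
        for (int i = 0; i < s.length(); i++) {
            char c = s.charAt(i);
            switch (c) {
                case '&': out.append("&amp;"); break;
                case '<': out.append("&lt;"); break;
                case '>': out.append("&gt;"); break;
                case '"': out.append("&quot;"); break;
                case '\'': out.append("&#39;"); break;
                default: out.append(c);
            }
        }
        return out.toString();
    }

    // Escape for a quoted JavaScript string literal: every character except
    // ASCII letters and digits becomes a backslash-u hex escape, so quotes,
    // backslashes, newlines and a closing script tag cannot end the literal.
    static String forJsString(String s) {
        StringBuilder out = new StringBuilder(s.length() * 2);
        for (int i = 0; i < s.length(); i++) {
            char c = s.charAt(i);
            boolean safe = (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z')
                    || (c >= '0' && c <= '9');
            if (safe) out.append(c);
            else out.append(String.format("\\u%04x", (int) c));
        }
        return out.toString();
    }

    public static void main(String[] args) {
        // Constructed sample values for parameter names listed in the post.
        Map<String, String> params = new LinkedHashMap<>();
        params.put("reporttype", "simple\"><b>x</b>");
        params.put("acttarget", "a';x='b");
        for (Map.Entry<String, String> e : params.entrySet()) {
            System.out.println("<input name=\"" + e.getKey()
                    + "\" value=\"" + forHtml(e.getValue()) + "\">");
            System.out.println("<script>var " + e.getKey()
                    + " = '" + forJsString(e.getValue()) + "';</script>");
        }
    }
}
```

The same value needs a different encoder depending on where it is written: HTML entity encoding does not protect a value placed inside a script block, which is why the two functions are separate.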



