Issue: | |
---|---|
Date: | |
Severity: | Low |
Requires Admin Access: | Yes |
Fix Version: | 3.3.2, 3.5 |
Credit: | Piaox From Pingan Product Safety Group |
Description: | The Lucene search admin tool (Admin only) allows a user to construct and execute a query against dotCMS content. The admin tool does not sanitize the query and echoes it back to the user, which allows for XSS (JavaScript execution). |
Mitigation: | Restrict access to the Lucene search admin tool to authorized personnel. |
References: | https://packetstormsecurity.com/files/136636/DotCMS-3.5-Beta-Cross-Site-Scripting.html |
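
The root cause described above is an output-encoding defect: the submitted query string is written back into the HTML response as-is. The following Python example is added here to illustrate that pattern and its fix; it is not dotCMS code (dotCMS is a Java application) and makes no claim about how the real admin tool renders its page. `SAMPLE_QUERY`, `render_vulnerable`, `render_hardened` and `injected_tags` are constructed for this illustration: the first renderer reproduces the unsanitized echo, the second entity-encodes the query with `html.escape` before it reaches the page, and `injected_tags` is a small check that reports any markup in the response that did not come from the page template.

```python
import html
import re

# Constructed sample: a Lucene-style query as typed into an admin search form.
# It deliberately carries HTML metacharacters (<, >, quotes) so the two
# renderers below can be compared.
SAMPLE_QUERY = 'title:"report" +live:true <script>x()</script>'

# Tags that the page template itself emits; anything else in the output was
# contributed by the echoed query.
TEMPLATE_TAGS = ('<p>', '</p>')


def render_vulnerable(query: str) -> str:
    """Echo the query into the response verbatim (the defect in the advisory)."""
    return f'<p>Results for query: {query}</p>'


def render_hardened(query: str) -> str:
    """Echo the query as HTML *text*: <, >, &, " and ' become entities, so the
    browser displays the query but never parses it as markup or script."""
    return f'<p>Results for query: {html.escape(query, quote=True)}</p>'


_TAG_RE = re.compile(r'<[^>]+>')


def injected_tags(rendered: str) -> list:
    """Return every tag in `rendered` that the template did not emit itself.

    An empty list means the user-controlled value reached the page purely as
    text; a non-empty list means markup from the input survived rendering.
    """
    return [t for t in _TAG_RE.findall(rendered) if t not in TEMPLATE_TAGS]


def displayed_text(rendered: str) -> str:
    """Recover what the browser would show for the echoed value, to confirm
    that encoding did not alter the query as the admin sees it."""
    inner = rendered[len('<p>Results for query: '):-len('</p>')]
    return html.unescape(inner)


if __name__ == '__main__':
    print('vulnerable :', render_vulnerable(SAMPLE_QUERY))
    print('  injected :', injected_tags(render_vulnerable(SAMPLE_QUERY)))
    print('hardened   :', render_hardened(SAMPLE_QUERY))
    print('  injected :', injected_tags(render_hardened(SAMPLE_QUERY)))
```

Two points worth keeping in mind when applying this to a real admin page: `html.escape` is the correct encoding only when the value lands in HTML text or a quoted attribute; a value written into a `<script>` block or an inline event handler needs JavaScript-context encoding instead, and a value already inside a URL needs URL encoding. Encoding also does nothing to the query's execution against the index, so it complements, rather than replaces, the access restriction the advisory recommends.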