voyent
Vulnerable Parameter: ice.view  XML
Forum Index -> General Help
Author Message
balexandrova

Joined: 08/Jul/2009 00:00:00
Messages: 2
Offline


All,

Our application uses IceFaces 1.8 and Seam 2.1.1 GA.
We subcontracted a company to run a security vulnerabilities check
and they came up with 5 problems connected with ice.view parameter.
We don't have control over it and I was wondering if anyone has an idea of how to prevent cross-site scripting or vulnerable parameter problems connected to ice.view. We were able to reproduce it using Tamper Data. Here is an example from the report:

Vulnerable Parameter: ice.view
Original Value: 11
Method: POST
Attack Type: Unfiltered xml

Attack Value: %3E%3Cabc+xmlns%3Axyz%3D%22http%3A%2F%2Fwww.w3.org%2F1999%2Fxhtml%22+%3E%3Cxyz%3Abody+onload%3D%22alert(%27cBlSv9a6%27)%22+%2F%3E%3C%2Fabc%3E

ted.goddard

Joined: 26/Oct/2004 00:00:00
Messages: 874
Offline


Are you specifically using ICEfaces 1.8.0? This is likely a bug that has been fixed in 1.8.2-EE.
[Email]
balexandrova

Joined: 08/Jul/2009 00:00:00
Messages: 2
Offline


Thanks Ted.
We are using IceFaces 1.8.0, but we tested on localhost with 1.8.2 and we were able to still reproduce the problem using Tamper Data.
 
Forum Index -> General Help
Go to:   
Powered by JForum 2.1.7ice © JForum Team