Hi there, I found a possible XSS vulnerability in the Listcell component. I entered a string like "</script foo=bar>" into a normal Textbox field, and after saving and refreshing this content is rendered into a Listcell for the user. Unfortunately there is some vulnerability in the XSS protection function.
The resulting HTML code looks like:
<script type="text/javascript">zkmx(
.....
['zul.sel.Listcell','z_hpl_o',{$$onSize:false,label:'EVIL-JS'},[]],
['zul.sel.Listcell','z_hpl_p',{label:'</script foo=bar>'},[]],
['zul.sel.Listcell','z_hpl_q',{label:'helloWorld'},[]],
....);
</script>
I always thought ZK would prevent all evil XSS stuff, but unfortunately the resulting page is empty or really messed up, without any reliable information.
I am using zk5.0.4.1, zcommon5.0.4, zhtml5.0.4, ... (Unfortunately, upgrading to a newer ZK version is not an option at this moment!)
Is there something I'm doing wrong? Or is this a known issue?
Please help ASAP. Thx
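The output quoted in the question is a JavaScript string literal inside an inline `<script>` block, and that is the part a label encoder has to get right: the HTML tokenizer closes a `<script>` element at the first `</script` it meets, before any JavaScript runs, so escaping only quotes and backslashes is not enough. The example below is added here and is not ZK's own code (the page does not show how ZK encodes labels or how ZK-2116 was fixed); the `zkmx(...)` skeleton and the widget ids are constructed placeholders modelled on the post. It contrasts a naive encoder with a context-aware one, models the tokenizer rule, and gives a check that can be run over rendered output.

```javascript
// Added example, not ZK's code: why a Listcell label must be encoded for the
// inline <script> context and not merely as a JavaScript string literal.
// The HTML tokenizer closes a <script> element at the first "</script" it
// meets, before any JavaScript runs, so escaping only quotes and backslashes
// leaves "</script foo=bar>" free to terminate the bootstrap block.

// Skeleton of the zkmx() bootstrap as it appears in the post.
const SCRIPT_OPEN = '<script type="text/javascript">';
const SCRIPT_CLOSE = "</script>";

// Naive encoder: produces a valid JavaScript string literal but ignores the
// surrounding HTML context.
function naiveJsString(s) {
  return "'" + s.replace(/\\/g, "\\\\").replace(/'/g, "\\'") + "'";
}

// Context-aware encoder: also hex-escapes the characters the HTML tokenizer
// cares about inside <script> ("<", ">", "&", "/") and the line terminators
// that are legal in HTML but would end a JavaScript string literal.
function safeJsString(s) {
  const escapes = {
    "\\": "\\\\", "'": "\\'", '"': '\\"',
    "<": "\\x3c", ">": "\\x3e", "&": "\\x26", "/": "\\/",
    "\n": "\\n", "\r": "\\r", "\u2028": "\\u2028", "\u2029": "\\u2029",
  };
  let out = "'";
  for (const ch of s) out += escapes[ch] !== undefined ? escapes[ch] : ch;
  return out + "'";
}

// One widget descriptor in the layout the post shows; ids are constructed.
function renderListcell(uuid, label, encode) {
  return "['zul.sel.Listcell','" + uuid + "',{label:" + encode(label) + "},[]]";
}

// The JavaScript the server intends the browser to execute.
function renderScriptBody(labels, encode) {
  const cells = labels.map((l, i) => renderListcell("z_hpl_" + i, l, encode));
  return "zkmx([" + cells.join(",") + "]);";
}

function renderPage(labels, encode) {
  return SCRIPT_OPEN + renderScriptBody(labels, encode) + SCRIPT_CLOSE;
}

// Model of the tokenizer rule that matters here: the script body runs from
// the end of the start tag to the first case-insensitive "</script",
// regardless of JavaScript quoting.
function scriptBodyAsBrowserSeesIt(html) {
  const start = html.indexOf(">") + 1;
  const rel = html.slice(start).search(/<\/script/i);
  return rel === -1 ? html.slice(start) : html.slice(start, start + rel);
}

// Check for rendered output: does the browser execute exactly the intended body?
function scriptIntact(labels, encode) {
  return scriptBodyAsBrowserSeesIt(renderPage(labels, encode)) ===
    renderScriptBody(labels, encode);
}

// Constructed input taken from the post.
const LABELS = ["EVIL-JS", "</script foo=bar>", "helloWorld"];

console.log("naive encoder keeps script intact:", scriptIntact(LABELS, naiveJsString));
console.log("safe encoder keeps script intact: ", scriptIntact(LABELS, safeJsString));
console.log("what the browser would execute with the naive encoder:");
console.log(scriptBodyAsBrowserSeesIt(renderPage(LABELS, naiveJsString)));
```

With the naive encoder the executed body stops at `{label:'`, which is a syntax error, so `zkmx()` never runs and the page stays empty, while the rest of the user input is parsed as plain HTML; that matches the empty or broken page described above. `scriptIntact` is the kind of assertion worth keeping in a rendering test for any component that writes user-supplied strings into an inline script.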
Please report the bug in http://tracker.zkoss.org/secure/Dashboard.jspa
The defect http://tracker.zkoss.org/browse/ZK-2116 is now reopened, but no progress is visible/reported... Any chance for a fix?
Asked: 2014-01-13 12:50:50 +0800
Last updated: Aug 07 '14