Description

In the XSS Protection API module before 1.0.12 in Apache Sling, the encoding done by the XSSAPI.encodeForJSString() method is not restrictive enough and for some input patterns allows script tags to pass through unencoded, leading to potential XSS vulnerabilities.

Remediation

References

http://www.securityfocus.com/bid/99870

https://lists.apache.org/thread.html/332166037a54b97cf41e2b616aaed38439de94b19b204841478e4525%40%3Cdev.sling.apache.org%3E

Related Vulnerabilities

CVE-2017-4952 Vulnerability in maven package com.vmware.xenon:xenon-common

CVE-2021-29486 Vulnerability in npm package cumulative-distribution-function

CVE-2016-8739 Vulnerability in maven package org.apache.cxf:cxf-rt-rs-extension-providers

CVE-2018-25068 Vulnerability in maven package com.anrisoftware.globalpom:globalpomutils-fileresources

CVE-2021-41862 Vulnerability in maven package com.googlecode.aviator:aviator

Severity

High

Classification

CWE-79 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Third Party Advisory VDB Entry