Apache MyFaces Tomahawk JSF框架Autoscroll参数跨站脚本执行漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1113140 漏洞类型 跨站脚本
发布时间 2007-06-14 更新时间 2007-06-15
CVE编号 CVE-2007-3101 CNNVD-ID CNNVD-200706-275
漏洞平台 JSP CVSS评分 4.3
|漏洞来源
https://www.exploit-db.com/exploits/30191
https://www.securityfocus.com/bid/24480
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200706-275
|漏洞详情
JavaServerFaces(JSF)是用于创建服务器端GUIWeb应用的框架,ApacheMyFacesTomahawk是JSF的开源实现。MyFacesTomahawkJSF框架中负责解析HTTP请求的代码中存在跨站脚本漏洞,远程攻击者可能利用此漏洞在用户的浏览器中执行恶意代码。在解析POST或GET请求的autoscroll参数时,该变量的值未经过滤直接注入了发送给客户端JavaScript,这就允许攻击者在MyFaces应用的域中执行任意JavaScript。
|漏洞EXP
source: http://www.securityfocus.com/bid/24480/info

Apache Tomahawk MyFaces JSF Framework is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.

Exploiting this vulnerability may allow an attacker to launch cross-site scripting attacks on unsuspecting users in the context of the affected website. As a result, the attacker may be able to steal cookie-based authentication credentials and to launch other attacks. 

http:/;www.example.com/some_app.jsf?autoscroll=[javascript]
|受影响的产品
Apache MyFaces Tomahawk 1.1.5
|参考资料

来源:BID
名称:24480
链接:http://www.securityfocus.com/bid/24480
来源:VUPEN
名称:ADV-2007-2212
链接:http://www.frsirt.com/english/advisories/2007/2212
来源:SECUNIA
名称:25618
链接:http://secunia.com/advisories/25618
来源:IDEFENSE
名称:20070614ApacheMyFacesTomahawkJSFFrameworkCross-SiteScripting(XSS)Vulnerability
链接:http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=544
来源:issues.apache.org
链接:http://issues.apache.org/jira/secure/ReleaseNote.jspa?version=12312536&stylename=Text&projectId=12310272
来源:XF
名称:myfaces-autoscroll-xss(34872)
链接:http://xforce.iss.net/xforce/xfdb/34872