Merge pull request #1416 from josephrignanese/bugfix/xss-on-genericlists

[bugfix #1417] Added XSS encoding for genericlist components
Adobe-Consulting-Services · Jul 7, 2018 · ba7e213 · ba7e213
2 parents a4f1569 + 60101f7
commit ba7e213
Show file tree

Hide file tree

Showing 3 changed files with 5 additions and 4 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -8,6 +8,7 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/)
 ## [Unreleased]
 
 ### Fixed
+- #1417 - Fixed xss vulnerabilities in generic lists
 - #1386 - Fixed ajax calls like undefined.2.json when hovering over parsys
 - #1301 - Fixed issue in MCP process forms where CoralUI bindings happened twice per form breaking some functionality (like file uploads).
 - #1401 - Added AEM 6.3 support for conditional hiding in edit dialogs

diff --git a/content/src/main/content/jcr_root/apps/acs-commons/components/utilities/genericlist/body.jsp b/content/src/main/content/jcr_root/apps/acs-commons/components/utilities/genericlist/body.jsp
@@ -21,12 +21,12 @@
 
 <body>
 
-    <h1>Generic List - <%= currentPage.getTitle() %></h1>
+    <h1>Generic List - <%= xssAPI.encodeForHTML(currentPage.getTitle()) %></h1>
 
     <h2>List Items:</h2>
 
     <ul>
         <cq:include path="list" resourceType="foundation/components/parsys"/>
     </ul>
 
-</body>
+</body>
diff --git a/...src/main/content/jcr_root/apps/acs-commons/components/utilities/genericlist/item/item.jsp b/...src/main/content/jcr_root/apps/acs-commons/components/utilities/genericlist/item/item.jsp
@@ -28,7 +28,7 @@ if (title.equals("")) {
     %><span style="color: red;">Please enter a title</span>
 	<%
 } else { %>
-Title: <%=title%> <br />
-Value: <%=value%> <br />
+Title: <%=xssAPI.encodeForHTML(title)%> <br />
+Value: <%=xssAPI.encodeForHTML(value)%> <br />
 <% } %>
 </li>