Fix CVE-2017-12097 #102
From https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0449

An exploitable XSS vulnerability exists in the filter functionality of the delayed_job_web rails gem version 1.4. A specially crafted URL can cause an XSS flaw resulting in an attacker being able to execute arbitrary javascript on the victim’s browser. An attacker can phish an authenticated user to trigger this vulnerability.

The delayed_job_web gem allows users to filter output based on the query string of the GET request. This looks similar to:

localhost:3000/delayed_job/overview?queues=">+<script>alert(1)<%2Fscript>

This URL can then be used to phish an authenticated user and execute arbitrary javascript on their behalf. This vulnerability is caught by the built-in XSS protections of Safari and Chrome, however it is exploitable using Firefox.
@jankeesvw Thank you for submitting this. Were you able to run
I ran bundle update in my project with a reference to my fork, that worked just fine. What output did you get? I’ll check it again tomorrow.
Ah yes, I see the errors, do you have any idea how to resolve it?
I think it works on my project because it relies on Rails 5.
@jankeesvw I think it makes sense that new versions of this gem would depend on Rails 5. If you can configure the dependencies so that
I'm sorry, I was trying to fix CVE-2018-7212, which is different than the subject of this issue.
Replaced by #103.
Fixes #101
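The advisory quoted above describes the `queues` filter value being reflected from the query string into the page. As an added example (not the gem's code and not this pull request's patch), the Ruby below renders that value once raw and once HTML-escaped, and checks it against a queue-name pattern; the `FilterView` class, both templates and the naming rule are assumptions made for illustration.

```ruby
require "erb"
require "uri"

# Constructed sample: the query string from the advisory quoted above.
SAMPLE_QUERY = %q{queues=">+<script>alert(1)<%2Fscript>}

# Hypothetical view fragments that echo the filter back to the page.
# They are stand-ins for illustration, not delayed_job_web's own templates.
RAW_VIEW     = %q{<p data-queues="<%= queues %>">Filter: <%= queues %></p>}
ESCAPED_VIEW = %q{<p data-queues="<%= h(queues) %>">Filter: <%= h(queues) %></p>}

# Assumed naming rule for this example: comma-separated queue names made of
# word characters, dots, colons and dashes. \A and \z anchor the whole string
# (in Ruby, ^ and $ only anchor a line).
QUEUE_LIST = /\A[\w.:-]+(,[\w.:-]+)*\z/

class FilterView
  include ERB::Util # provides h / html_escape

  attr_reader :queues

  def initialize(query_string)
    # decode_www_form turns "+" into a space and %2F into "/".
    pair = URI.decode_www_form(query_string).assoc("queues")
    @queues = pair ? pair.last : ""
  end

  # Render a template with this object's binding so it can call queues and h.
  def render(template)
    ERB.new(template).result(binding)
  end

  # Reject filter values that do not look like a list of queue names.
  def valid_filter?
    queues.empty? || QUEUE_LIST.match?(queues)
  end
end

if __FILE__ == $PROGRAM_NAME
  view = FilterView.new(SAMPLE_QUERY)
  puts "decoded : #{view.queues}"
  puts "raw     : #{view.render(RAW_VIEW)}"
  puts "escaped : #{view.render(ESCAPED_VIEW)}"
  puts "allowed : #{view.valid_filter?}"
end
```

Escaping at output is what keeps the value inert in both the attribute and the text position; the pattern check is a second layer that lets the application refuse the request before rendering.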