The format and srs parameter in the WMS/WMTS/TMS demo pages are not escaped.
A targeted, non-persistent Cross Site Scripting attack (XSS) could be used for information disclosure. For example: Session cookies of a third party application running on the same domain.
This is not a disclosure of any information on the server (like files, etc.). Refer to https://en.wikipedia.org/wiki/Cross-site_scripting
Users are advised to disable the demo service or to update MapProxy with the upcoming patch, if they are unsure whether this is a risk in their specific installation.
The text was updated successfully, but these errors were encountered:
olt
changed the title
Update demo service
Fix Cross Site Scripting (XSS) issue in demo service
Aug 17, 2017
Janek Vind found out that this fix was incomplete. There is an updated fix with 420412a in master and 436c8f4 in 1.11.x branch. MapProxy 1.11.1 release is out with a fix.
The format and srs parameter in the WMS/WMTS/TMS demo pages are not escaped.
A targeted, non-persistent Cross Site Scripting attack (XSS) could be used for information disclosure. For example: Session cookies of a third party application running on the same domain.
This is not a disclosure of any information on the server (like files, etc.). Refer to https://en.wikipedia.org/wiki/Cross-site_scripting
Users are advised to disable the demo service or to update MapProxy with the upcoming patch, if they are unsure whether this is a risk in their specific installation.
The text was updated successfully, but these errors were encountered: