Impact
An XSS payload can be injected through various forms and saved in the database, then executed when the information is fetched from the backend.
Some endpoints also suffer from reflected XSS.
Preventing injection requires a global filter on POST, PUT and GET requests.
Patches
The patch adds a backend filter that sanitizes user input on the vulnerable forms and on the endpoints affected by reflected XSS.
It also adds the spring-security default headers and a CSP.
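A sketch of the kind of global request filter described above, as an added example and not the project's actual patch: the class names `XssEscapeFilter` and `EscapedRequest` and the CSP value are assumptions, the CSP header is set directly on the response here rather than through spring-security, and the `jakarta.servlet` imports assume Spring Boot 3 (older versions use `javax.servlet`).

```java
// Added example: names and the CSP policy string are hypothetical, not taken from the patch.
import java.io.IOException;
import java.util.Arrays;
import java.util.LinkedHashMap;
import java.util.Map;
import jakarta.servlet.FilterChain;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletRequestWrapper;
import jakarta.servlet.http.HttpServletResponse;
import org.springframework.stereotype.Component;
import org.springframework.web.filter.OncePerRequestFilter;
import org.springframework.web.util.HtmlUtils;

@Component
public class XssEscapeFilter extends OncePerRequestFilter {
    @Override
    protected void doFilterInternal(HttpServletRequest req, HttpServletResponse res, FilterChain chain)
            throws ServletException, IOException {
        // Constructed policy: blocks inline and third-party script if escaping is bypassed.
        res.setHeader("Content-Security-Policy", "default-src 'self'; object-src 'none'");
        chain.doFilter(new EscapedRequest(req), res);
    }

    // Wraps every GET/POST/PUT request so controllers only see HTML-escaped parameters.
    static final class EscapedRequest extends HttpServletRequestWrapper {
        EscapedRequest(HttpServletRequest req) { super(req); }

        private static String[] escapeAll(String[] values) {
            if (values == null) return null;
            return Arrays.stream(values).map(v -> v == null ? null : HtmlUtils.htmlEscape(v)).toArray(String[]::new);
        }

        @Override public String getParameter(String name) {
            String v = super.getParameter(name);
            return v == null ? null : HtmlUtils.htmlEscape(v);
        }

        @Override public String[] getParameterValues(String name) {
            return escapeAll(super.getParameterValues(name));
        }

        @Override public Map<String, String[]> getParameterMap() {
            Map<String, String[]> escaped = new LinkedHashMap<>();
            super.getParameterMap().forEach((k, v) -> escaped.put(k, escapeAll(v)));
            return escaped;
        }
    }
}
```

This wrapper only covers query-string and form parameters; JSON bodies bound with `@RequestBody` bypass it and need their own sanitization. Output encoding in the templates that render stored values is still required.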
Workarounds
Without upgrading, it is possible to apply the fixes to the same files that the patch changes.
References
https://owasp.org/www-community/attacks/xss/
Credits
Found and solved by Amine Boudraa from the Aix-Marseille University Cybersecurity Master program, supervised by Yassine Ilmi.