Vulnerability validation
The user logs in using Firefox and enters the following content in a post:
This triggers the stored XSS vulnerability.
Likewise, entering the same content in the comments section of a post:
The XssHttpServletRequestWrapper filter is lax, which also leads to stored XSS vulnerabilities.
Bug fix
Encoding unification
The encoding of every data layer of the site should be uniform; using UTF-8 throughout is recommended. Inconsistent encoding between upper and lower layers may allow some filtering models to be bypassed.
HttpOnly cookie
Many XSS attacks aim to obtain the user's cookie. Marking the important cookie as HttpOnly means the browser still sends the cookie field with each request to the server, but scripts cannot access it, so an XSS attack can no longer read the cookie through JavaScript's document.cookie.
Input content length control
Untrusted input should be limited to a reasonable length. Although this cannot completely prevent XSS, it raises the difficulty of an XSS attack.
Input check
Input checking generally means checking whether the data entered by the user contains special characters such as <, > and quotes. If special characters are found, they are filtered or encoded.
Nov 11, 2018: Howsson changed the title ("XssHttpServletRequestWrapper filter is lax, also leads to stored XSS vulnerabilities.")
Nov 12, 2018: Howsson changed the title ("XssHttpServletRequestWrapper JEESNS V1.3 social management system type stored XSS holes caused by filter is lax")