Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-24252

p_p_lifecycle parameter could cause XSS vulnerability

    Details

      Description

      By adding "p_p_lifecycle=<script>alert(String.fromCharCode(103,51,104,68,57,55,122,69))</script>" to the portlet currency convereter, RSS, Amazon Ranking would cause XSS vulnerability.
      Even though most of new browsers(like Crome, FF, IE8,9) are able to prevent XSS attack, but still many old browsers are still not.
      Here are the steps:
      1, Add a new page to the portal.
      2, Add one/both of the portlets currency convereter, RSS, Amazon Ranking to the page.
      3, Add URL parameter "p_p_lifecycle=<script>alert(String.fromCharCode(103,51,104,68,57,55,122,69))</script>" e.g "http://localhost:8080/finance?p_p_lifecycle=<script>alert(String.fromCharCode(103,51,104,68,57,55,122,69))</script>"
      4, The page will pop up a javascript alert. And some of the javascript source code is exposed on the page.

        Attachments

          Activity

            People

            Assignee:
            paul.piao Paul Piao (Inactive)
            Reporter:
            zhao.jin Neil Jin (Inactive)
            Participants of an Issue:
            Recent user:
            Esther Sanz
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:
              Days since last comment:
              9 years, 48 weeks, 3 days ago

                Packages

                Version Package
                6.0.X EE
                6.1.0 CE GA1
                --Sprint 11/12
                6.2.0 CE M2