[CKAN-Security] Client Side XSS

Cody B codywboyko at gmail.com
Fri Nov 22 20:47:04 UTC 2019


Afternoon,

A recent Penetration Test has uncovered a few vulnerabilities. I'll try to
flag applicable ones to CKAN core; first up is client-side XSS.

This seems to be coming from Bootstrap 3 and jQuery 3. Both are
susceptible to a few vulnerabilities, including cross-site scripting.

So in general they should be upgraded, but I know a Bootstrap upgrade would
take quite a bit of time, and we just got to 3.

A more specific example is any autocomplete drop-down field. All seem to
execute JS quite easily, e.g. in the resource format field try entering
<script>alert(document.cookie)</script>. The autocomplete.js file seems to
rely on jQuery, and I'm assuming at this point that is where the issue
resides.

Will update as I have more to share.

Thanks,
Cody
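As an added illustration of the pattern behind this report (example code, not CKAN's autocomplete.js or any of its code): a dropdown renderer that concatenates the typed text straight into HTML, beside one that escapes it first, plus a tag-count check a unit test can use to catch the unsafe version. The render functions and the template shape are hypothetical; the escaping rule and the jQuery note are general.

```javascript
// Added example, not CKAN code. Models a jQuery-style autocomplete that builds
// dropdown <li> items from the suggestions and the text the user typed.
// The same distinction applies at the jQuery level: $(str), .html(str) and
// .append(str) parse untrusted strings as markup, whereas .text(str) does not.

const ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Escape the five characters that can break out of HTML text or attribute context.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => ESCAPES[ch]);
}

// Vulnerable pattern (hypothetical): raw string concatenation. The typed text
// lands in the DOM as markup, so a tag inside it is honoured by the browser.
function renderSuggestionsUnsafe(query, suggestions) {
  const items = suggestions.map((s) => '<li data-value="' + s + '">' + s + '</li>');
  return '<ul class="dropdown-menu"><li class="query">' + query + '</li>' +
    items.join('') + '</ul>';
}

// Hardened pattern: every untrusted value is escaped before it becomes markup,
// so the same input is displayed literally instead of being parsed.
function renderSuggestionsSafe(query, suggestions) {
  const items = suggestions.map(
    (s) => '<li data-value="' + escapeHtml(s) + '">' + escapeHtml(s) + '</li>');
  return '<ul class="dropdown-menu"><li class="query">' + escapeHtml(query) + '</li>' +
    items.join('') + '</ul>';
}

// Count opening tags in rendered markup. The template alone produces exactly
// one <ul>, one query <li> and one <li> per suggestion; any extra tag came
// from untrusted input and means the renderer is injectable.
function countTags(html) {
  return (html.match(/<[a-z]/gi) || []).length;
}

function rendersOnlyTemplateTags(renderer, query, suggestions) {
  return countTags(renderer(query, suggestions)) === 2 + suggestions.length;
}

// Constructed input: the payload from the report above and two benign formats.
const typed = '<script>alert(document.cookie)</script>';
const formats = ['CSV', 'GeoJSON'];
console.log(rendersOnlyTemplateTags(renderSuggestionsUnsafe, typed, formats)); // false
console.log(rendersOnlyTemplateTags(renderSuggestionsSafe, typed, formats));   // true
```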
