CVE Vulnerability Chinese Net

0DayBank: a public site dedicated to collecting and organizing vulnerabilities from across the global internet

CVE-2017-9802 Apache Sling Cross-Site-Scripting Vulnerability

August 29, 2017

Vulnerability category: CGI

Severity:

Vulnerability Information

Apache Sling is a web framework that uses a Java Content Repository, such as Apache Jackrabbit, to store and manage content.

The JavaScript method Sling.evalString() uses the JavaScript 'eval' function to parse input strings. Because eval executes its argument as code rather than merely parsing it as data, a specially crafted input string leads to cross-site scripting (XSS).
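The following is an added example, not code from Apache Sling and not the upstream fix from SLING-7041. It contrasts the pattern the advisory describes (parsing an input string with eval) with a strict JSON parse, so the difference in behaviour is observable: eval runs whatever JavaScript the string contains, while JSON.parse rejects anything that is not plain data. The function names, the sample inputs and the `sideEffect` marker are all constructed for this illustration.

```javascript
// Added example (not Apache Sling's own code). Hypothetical names:
// evalStringUnsafe, evalStringSafe, parseOrReject.

// Vulnerable pattern: eval() executes any JavaScript in the string, so
// "parsing" untrusted input this way lets the input run as code.
function evalStringUnsafe(input) {
  // eslint-disable-next-line no-eval
  return eval("(" + input + ")");
}

// Hardened pattern: JSON.parse accepts only JSON data. Function calls,
// operators and bare identifiers are a SyntaxError, never executed.
function evalStringSafe(input) {
  return JSON.parse(input);
}

// Returns a result object instead of throwing, which is convenient for
// logging rejected inputs server-side as a detection signal.
function parseOrReject(input) {
  try {
    return { ok: true, value: evalStringSafe(input) };
  } catch (e) {
    return { ok: false, reason: e.name };
  }
}

// Constructed sample inputs: a legitimate JSON document, and a string that
// is valid JavaScript but not JSON (eval executes it; JSON.parse rejects it).
const SAFE_INPUT = '{"title": "hello", "count": 2}';
const CODE_INPUT = '(function(){ globalThis.sideEffect = "ran"; return 1; })()';

function demo() {
  return {
    viaSafe: parseOrReject(SAFE_INPUT),
    codeViaSafe: parseOrReject(CODE_INPUT),
  };
}
```

Running `demo()` shows the JSON input parsed to an object and the code-bearing input rejected with `SyntaxError`; calling `evalStringUnsafe(CODE_INPUT)` instead returns 1 and sets the `sideEffect` marker, which is exactly the behaviour a parser must never have on untrusted input.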

Affected Version:
org.apache.sling.servlets.post bundle up to 2.3.21

Detection Logic:
This QID checks for Apache Sling installations running with default credentials and, after authenticating, for vulnerable versions of the Apache Sling Servlets Post bundle.

Impact

An unauthenticated, remote attacker could exploit this vulnerability to execute arbitrary JavaScript code in the victim's browser.

Solution

The vendor has released an updated version, org.apache.sling.servlets.post 2.3.22, to fix this issue. Refer to SLING-7041 for more details on the vulnerability and patches.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

SLING-7041

Last updated: August 29, 2017


COPYRIGHT © 2024 www.pdr.cn CVE Vulnerability Chinese Net. ALL RIGHTS RESERVED.