Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2023-3042

Опубликовано: 17 окт. 2023
Источник: nvd
CVSS3: 5.3
CVSS3: 6.1
EPSS Низкий

Описание

In dotCMS, versions mentioned, a flaw in the NormalizationFilter does not strip double slashes (//) from URLs, potentially enabling bypasses for XSS and access controls. An example affected URL is https://demo.dotcms.com//html/portlet/ext/files/edit_text_inc.jsp , which should return a 404 response but didn't.

The oversight in the default invalid URL character list can be viewed at the provided GitHub link https://github.com/dotCMS/core/blob/master/dotCMS/src/main/java/com/dotcms/filters/NormalizationFilter.java#L37

To mitigate, users can block URLs with double slashes at firewalls or utilize dotCMS config variables.

Specifically, they can use the DOT_URI_NORMALIZATION_FORBIDDEN_STRINGS environmental variable to add // to the list of invalid strings.

Additionally, the DOT_URI_NORMALIZATION_FORBIDDEN_REGEX variable offers more detailed control, for instance, to block //html.* URLs.

Fix Version:23.06+, LTS 22.03.7+, LTS 23.01.4+

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:dotcms:dotcms:5.3.8:*:*:*:*:*:*:*
cpe:2.3:a:dotcms:dotcms:21.06:*:*:*:*:*:*:*
cpe:2.3:a:dotcms:dotcms:22.03:*:*:*:*:*:*:*
cpe:2.3:a:dotcms:dotcms:23.01:*:*:*:*:*:*:*

EPSS

Процентиль: 39%
0.00177
Низкий

5.3 Medium

CVSS3

6.1 Medium

CVSS3

Дефекты

CWE-79
CWE-79

Связанные уязвимости

github логотип

GHSA-4473-7649-rj9x

CVSS3: 5.3
github
больше 2 лет назад

In dotCMS, versions mentioned, a flaw in the NormalizationFilter does not strip double slashes (//) from URLs, potentially enabling bypasses for XSS and access controls. An example affected URL is https://demo.dotcms.com//html/portlet/ext/files/edit_text_inc.jsp https://demo.dotcms.com//html/portlet/ext/files/edit_text_inc.jsp , which should return a 404 response but didn't. The oversight in the default invalid URL character list can be viewed at the provided GitHub link https://github.com/dotCMS/core/blob/master/dotCMS/src/main/java/com/dotcms/filters/NormalizationFilter.java#L37 .  To mitigate, users can block URLs with double slashes at firewalls or utilize dotCMS config variables. Specifically, they can use the DOT_URI_NORMALIZATION_FORBIDDEN_STRINGS environmental variable to add // to the list of invalid strings. Additionally, the DOT_URI_NORMALIZATION_FORBIDDEN_REGEX variable offers more detailed control, for instance, to block //html.* URLs. Fix Version:23.06+, LTS ...

EPSS

Процентиль: 39%
0.00177
Низкий

5.3 Medium

CVSS3

6.1 Medium

CVSS3

Дефекты

CWE-79
CWE-79