Description
The HTTP transport module in Apache CXF prior to 3.0.12 and 3.1.x prior to 3.1.9 uses FormattedServiceListWriter to provide an HTML page which lists the names and absolute URL addresses of the available service endpoints. The module calculates the base URL using the current HttpServletRequest, and FormattedServiceListWriter uses that calculated base URL to build the absolute endpoint URLs. If unexpected matrix parameters (the `;name=value` form inside a path segment) have been injected into the request URL, those matrix parameters find their way back to the client in the services list page, which represents an XSS risk to the client.
In short, FormattedServiceListWriter in the Apache CXF HTTP transport module reflects request-URL matrix parameters into the generated services list page without neutralizing them. An attacker who can get a client to request a services list URL carrying crafted matrix parameters therefore has attacker-controlled content echoed into the HTML delivered to that client, which is a reflected XSS risk.
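The following is an added example, not code from Apache CXF or from this advisory. It models the mechanism described above in Python: a probe path that carries a matrix parameter, a toy services-list renderer whose unescaped mode stands in for the vulnerable writer, a mitigation model that strips matrix parameters from the request path before the base URL is built, and a classifier that tells whether the probe marker came back raw, escaped or not at all. The host name `cxf.example`, the endpoint names, the marker and the assumption that the servlet container hands the decoded matrix parameter to the application are all constructed for the example; the stripping function illustrates the defence and is not the exact change shipped in CXF 3.0.12/3.1.9.

```python
"""Probe and model for matrix-parameter reflection in a CXF-style services list.

Added example, not code from Apache CXF. The request URL, host name and
endpoint names are constructed; the toy renderer only models the behaviour
described in the advisory.
"""
import html
import re
from urllib.parse import quote, urlsplit, urlunsplit

# Marker that closes an href attribute and opens a tag. If it comes back
# unchanged inside the services page, request-URL parts are reflected raw.
MARKER = 'cxfprobe="><i>x'

# A matrix parameter is ';name=value' inside a path segment; it ends at the
# next '/', '?' or '#'.
_MATRIX_RE = re.compile(r";[^/?#]*")


def make_probe_path(services_path: str, marker: str = MARKER) -> str:
    """Build the request path for a probe: services path plus a matrix parameter.

    Matrix parameters live in the path, not the query string, so a base URL
    derived from HttpServletRequest's request URL carries them along.
    """
    return f"{services_path};{quote(marker, safe='=')}"


def strip_matrix_params(request_url: str) -> str:
    """Mitigation model: drop ';...' from every path segment of the request URL.

    Illustrates the defence, not the exact change shipped in CXF 3.0.12/3.1.9.
    """
    parts = urlsplit(request_url)
    return urlunsplit(parts._replace(path=_MATRIX_RE.sub("", parts.path)))


def render_service_list(base_url: str, endpoints: list, escape: bool) -> str:
    """Toy services page. escape=False models the vulnerable writer: the base
    URL taken from the request is dropped into href attributes unescaped."""
    base = html.escape(base_url, quote=True) if escape else base_url
    items = "".join(
        f'<li><a href="{base}{ep}">{html.escape(ep)}</a></li>' for ep in endpoints
    )
    return f"<html><body><h1>Available services</h1><ul>{items}</ul></body></html>"


def classify_reflection(body: str, marker: str = MARKER) -> str:
    """Classify how the marker appears in a services-list response.

    'raw'     - reflected verbatim: an XSS sink,
    'escaped' - reflected but HTML-escaped with named entities: safe,
    'absent'  - not reflected, e.g. matrix parameters were stripped.
    """
    if marker in body:
        return "raw"
    if html.escape(marker, quote=True) in body:
        return "escaped"
    return "absent"


if __name__ == "__main__":
    # Constructed request: the container has decoded the probe back into the
    # path that the servlet sees (assumption for the example).
    request_url = "http://cxf.example/services;" + MARKER
    endpoints = ["/hello", "/orders"]
    print("probe path:", make_probe_path("/services"))
    pages = [
        ("vulnerable (raw base URL)", render_service_list(request_url, endpoints, escape=False)),
        ("escaped only", render_service_list(request_url, endpoints, escape=True)),
        ("stripped + escaped", render_service_list(strip_matrix_params(request_url), endpoints, escape=True)),
    ]
    for label, page in pages:
        print(f"{label:28s} -> {classify_reflection(page)}")
```

Against a live instance the same check is: request `make_probe_path("/services")` (or whatever path the services page is mounted on) and pass the response body to `classify_reflection`. Only `"raw"` is a positive finding; `"absent"` alone is not proof of a fix, because a container or reverse proxy may reject or re-encode the probe before it reaches CXF, and a result of `"escaped"` depends on the page using the named entities that `html.escape` produces.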
Affected packages
| Platform | Package | Status | Recommendation | Release |
|---|---|---|---|---|
| Red Hat BPM Suite 6 | cxf | Affected | | |
| Red Hat JBoss BRMS 5 | cxf | Will not fix | | |
| Red Hat JBoss BRMS 6 | cxf | Affected | | |
| Red Hat JBoss Data Grid 6 | cxf | Will not fix | | |
| Red Hat JBoss Data Virtualization 6 | cxf | Not affected | | |
| Red Hat JBoss Enterprise Application Platform 5 | cxf | Will not fix | | |
| Red Hat JBoss Enterprise Application Platform 6 | cxf | Not affected | | |
| Red Hat JBoss Enterprise Application Platform 7 | cxf | Not affected | | |
| Red Hat JBoss Fuse 6 | cxf | Affected | | |
| Red Hat JBoss Fuse Service Works 6 | cxf | Not affected | | |
Additional information
Status:
CVSS3: 6.1 Medium
CVSS2: 4.3 Medium
Related vulnerabilities
Improper Neutralization of Input During Web Page Generation in Apache CXF (CVSS3: 6.1 Medium, CVSS2: 4.3 Medium)