Shiva Iyer
XSS vulnerability in return URL
March 15, 2013 12:09 PM
Hello Everyone,

We had a security scan done on our app and there were a few XSS issues caused by Liferay's top_js.jspf. The tool was able to insert scripts into the code below from top_js.jspf and navigation.vm. I am using Liferay 6.1 CE.

1. getURLHome: function() {
return "http://<script>alert(document.domain)</script>/web/..."; }

2. Liferay.AUI = { getBaseURL: function() {
return 'http://<script>alert(document.domain)</script>/html/js/aui/'; }


navigation.vm file

3. <a href="http://<script>alert(document.domain)</script>/web/ ........

Please help me out.

Thanks in advance.
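The three fragments above all show the same pattern: whatever the scanner supplied as the request's host ends up, unencoded, inside a JavaScript string literal in the inline script block and inside an href in the navigation template. As an added example (this is not Liferay's code; the template shape, the host names and the allowlist are assumptions), the following Node.js model renders both sinks the unsafe way and then the hardened way, so the difference can be checked offline:

```javascript
// Added example, not Liferay code: models a template that builds absolute URLs
// from a request-supplied host and writes them into an inline <script> block
// and an <a href>, first by raw concatenation (the shape the scanner output
// suggests), then hardened with a host allowlist plus per-context encoding.

// Constructed sample input: a Host header tampered the way a scanner would.
const TAMPERED_HOST = '<script>alert(document.domain)</script>';

// Encode for a JavaScript string literal inside a <script> element. Every
// character outside [A-Za-z0-9] becomes \xHH (or \uHHHH above 0xFF), so a
// quote cannot close the literal and "</script>" cannot close the element.
function escapeJs(s) {
  return String(s).replace(/[^A-Za-z0-9]/g, (ch) => {
    const code = ch.charCodeAt(0);
    return code < 0x100
      ? '\\x' + code.toString(16).padStart(2, '0')
      : '\\u' + code.toString(16).padStart(4, '0');
  });
}

// Encode for an HTML attribute value such as href.
function escapeHtml(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(s).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Unsafe: same shape as the fragments in the post; the host lands in the
// string literals and the href untouched.
function renderUnsafe(host) {
  return [
    '<script>',
    'getURLHome: function() { return "http://' + host + '/web/guest"; }',
    "Liferay.AUI = { getBaseURL: function() { return 'http://" + host + "/html/js/aui/'; } };",
    '</script>',
    '<a href="http://' + host + '/web/guest">Home</a>',
  ].join('\n');
}

// Hardened, step 1: do not trust the Host header for URL generation. Resolve
// it against a configured allowlist (hypothetical values) and fall back to the
// canonical name otherwise.
const ALLOWED_HOSTS = new Set(['portal.example.com', 'localhost:8080']);
const CANONICAL_HOST = 'portal.example.com';

function resolveHost(requestHost) {
  return ALLOWED_HOSTS.has(requestHost) ? requestHost : CANONICAL_HOST;
}

// Hardened, step 2: encode for the output context anyway (defence in depth):
// JS-string encoding inside the script, HTML-attribute encoding in the href.
function renderSafe(requestHost) {
  const host = resolveHost(requestHost);
  return [
    '<script>',
    'getURLHome: function() { return "http://' + escapeJs(host) + '/web/guest"; }',
    "Liferay.AUI = { getBaseURL: function() { return 'http://" + escapeJs(host) + "/html/js/aui/'; } };",
    '</script>',
    '<a href="http://' + escapeHtml(host) + '/web/guest">Home</a>',
  ].join('\n');
}

// Check a reviewer can run: did the injected tag survive into the page?
function injectedScriptSurvives(html) {
  return html.includes(TAMPERED_HOST);
}

if (typeof require !== 'undefined' && require.main === module) {
  console.log('unsafe render leaks payload:', injectedScriptSurvives(renderUnsafe(TAMPERED_HOST)));
  console.log('safe render leaks payload:  ', injectedScriptSurvives(renderSafe(TAMPERED_HOST)));
  console.log(renderSafe(TAMPERED_HOST));
}
```

The two layers do different jobs: the encoding alone is enough to stop the break-out from the string literal and the attribute, while the allowlist additionally stops a forged Host header from pointing getURLHome and getBaseURL at an attacker's origin. In a JSP the same shape is obtained by taking the host from portal configuration rather than the request and passing it through Liferay's HtmlUtil (escapeJS() inside the script block, escape() in the attribute).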
Hitoshi Ozawa
RE: XSS vulnerability in return URL
March 16, 2013 12:05 AM

Which version are you using? Are you using the community patched version with all the security fixes? If not, have you applied security fixes from liferay.com?
Shiva Iyer
RE: XSS vulnerability in return URL
March 18, 2013 12:18 PM

Hi Hitoshi Ozawa,

I am using Liferay 6.1 CE. I think it does not contain any security patches.

Can you please point me to where I can get those security patches and how I can integrate them with my existing Liferay?

Thanks & Regards,
Shiva
Hitoshi Ozawa
RE: XSS vulnerability in return URL
March 18, 2013 2:06 PM

There's a description on the following page, along with the patch files.

http://www.liferay.com/community/security-team/known-vulnerabilities

There's now also a community project to patch CE version with security patches and other patches applied.

https://www.lcepatchers.org/
Samuel Kong (Liferay staff)
RE: XSS vulnerability in return URL
March 18, 2013 7:45 PM


Shiva,

We probably need a little more info from you in order to properly diagnose the problem. Can you provide additional details (like how to reproduce it, where on the page the XSS issues are, etc.) on a ticket at http://issues.liferay.com/browse/LPS? When you create the ticket, please select the "Security" component. Thanks.