Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

SS-2016-007: VersionedRequestFilter vulnerability

Low (?)
Versions Affected:
3.3.0 to 3.3.2. 3.4.0
Versions Fixed:
3.3.3. 3.4.1
Release Date:

A cross-site scripting vulnerability in VersionedRequestFilter has been found.

If an incoming user request should not be able to access the requested stage, an error message is created for display on the CMS login page that they are redirected to. In this error message, the URL of the requested page is interpolated into the error message without being escaped; hence, arbitrary HTML can be injected into the CMS login page.

Credit to Matthew Daley for reporting this issue.