Uploaded image for project: 'ZK'
  1. ZK
  2. ZK-2116

possible XSS Vulnerability for Listcell

XMLWordPrintable

      Hi there, I found a possible XSS Vulnerability for the Listcell component.
      I entered a String like "</script foo=bar>" for a normal Textboxfield and after saving and refreshing this content will be rendered into a Listcell for the User. Unfortunately there is some vulnerability in the XSS protection function.

      The resulting html-code looks like:

      <script type="text/javascript">zkmx(
      .....
      ['zul.sel.Listcell','z_hpl_o',{$$onSize:false,label:'EVIL-JS'},[]],
      ['zul.sel.Listcell','z_hpl_p',

      {label:'</script foo=bar>'}

      ,[]],
      ['zul.sel.Listcell','z_hpl_q',

      {label:'helloWorld'}

      ,[]],
      ....);
      </script>

      I always though zkoss will now prevent all evil xss-stuff, but unfortunately the resulting page is empty or is really messed up, without any reliable information.

      I am using zk5.0.4.1, zcommon5.0.4, zhtml5.0.4....(Unfortunately upgrading to a newer zk version is at this moment not an option!)

      Is there something I'm doing wrong? Or is this a known issue??

      Please help ASAP. thx

        1. Screen Shot 2014-07-14 at 10.35.06.png
          33 kB
          ulysses

            jumperchen jumperchen
            salbader salbader
            Votes:
            1 Vote for this issue
            Watchers:
            5 Start watching this issue

              Created:
              Updated:
              Resolved: