Posted by xiong piaox on Apr 08

Advisory: DotCMS xss vulnerability

Author: Piaox From Pingan Product Safety Group

Email: xiongyaofu351 () pingan com cn

Affected Version: dotCMS 3.5 Beta(the latest version)

Vulnerability Description

lucene_search.jsp

26 String query = request.getParameter(“query”);

27 if(!UtilMethods.isSet(query)){

28 query = “”;

29 }

164 <div><strong><%= LanguageUtil.get(pageContext,…