// For flags

CVE-2017-15717

 

Severity Score

6.1
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

A flaw in the way URLs are escaped and encoded in the org.apache.sling.xss.impl.XSSAPIImpl#getValidHref and org.apache.sling.xss.impl.XSSFilterImpl#isValidHref allows special crafted URLs to pass as valid, although they carry XSS payloads. The affected versions are Apache Sling XSS Protection API 1.0.4 to 1.0.18, Apache Sling XSS Protection API Compat 1.1.0 and Apache Sling XSS Protection API 2.0.0.

Un defecto en la manera en la que se escapan y codifican las URL en org.apache.sling.xss.impl.XSSAPIImpl#getValidHref y org.apache.sling.xss.impl.XSSFilterImpl#isValidHref permite que se pasen URL especialmente manipuladas como válidas, aunque porten cargas útiles XSS. Las versiones afectadas son Apache Sling XSS Protection API 1.0.4 to 1.0.18, Apache Sling XSS Protection API Compat 1.1.0 y Apache Sling XSS Protection API 2.0.0.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Changed
Confidentiality
Low
Integrity
Low
Availability
None
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
None
Integrity
Partial
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2017-10-21 CVE Reserved
  • 2018-01-10 CVE Published
  • 2024-09-17 CVE Updated
  • 2024-09-22 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CAPEC
References (1)
URL Tag Source
URL Date SRC
URL Date SRC
URL Date SRC
https://s.apache.org/CVE-2017-15717 2018-02-02
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Apache
Search vendor "Apache"
 Sling Xss Protection Api
Search vendor "Apache" for product "Sling Xss Protection Api"
 > 1.0.4 <= 1.0.18
Search vendor "Apache" for product "Sling Xss Protection Api" and version " > 1.0.4 <= 1.0.18"
-
Affected
Apache
Search vendor "Apache"
 Sling Xss Protection Api
Search vendor "Apache" for product "Sling Xss Protection Api"
 2.0.0
Search vendor "Apache" for product "Sling Xss Protection Api" and version "2.0.0"
-
Affected
Apache
Search vendor "Apache"
 Sling Xss Protection Api Compat
Search vendor "Apache" for product "Sling Xss Protection Api Compat"
 1.1.0
Search vendor "Apache" for product "Sling Xss Protection Api Compat" and version "1.1.0"
-
Affected