Issues » XSS vulnerability with image tool

Issue: SI-44
Date: Oct 3, 2018, 8:00:00 PM
Severity: Medium
Requires Admin Access: No
Fix Version: 5.0.2
Credit: howchen GitHub user
Description:

XSS vulnerability exists on /html/portlet/ext/contentlet/image_tools/index.jsp.  Please refer to github issue for details:  

https://github.com/dotCMS/core/issues/15274

Mitigation:

Use firewall or reverse proxy to limit access to /html/portlet/ext/contentlet/image_tools/index.jsp

References

https://github.com/dotCMS/core/issues/15274

Highly Rated and Recommended

We're rated Excellent 4.2/5 stars on G2 - with 95+ verified reviews