Issues » SQL Injection via DWR - Requires Authenticated User

Issue: SI-32
Date: Apr 4, 2016 3:30:00 PM
Severity: Moderate
Requires Admin Access: Yes
Fix Version: 3.3.2, 3.5
Credit: p0x2015 <573031544 () qq com>
Description:

A SQL injection vulnerability has been identified in dotCMS 3.3 which, if successfully exploited, could allow an attacker to access sensitive information in the dotcms database.   

The vulnerability requires an authenticated dotCMS user to be exploited.  For more information see:

http://seclists.org/fulldisclosure/2016/Apr/5

Workaround:

Prevent external access to the /dwr endpoint uri via firewall rules.  

Back to the top