Issues » XSS vulnerability with image tool

Issue: SI-44
Date: Oct 4, 2018 12:00:00 AM
Severity: Moderate
Requires Admin Access: Yes
Fix Version: 5.0.2
Credit: howchen GitHub user
Description:

XSS vulnerability exists on /html/portlet/ext/contentlet/image_tools/index.jsp.  Please refer to github issue for details:  

https://github.com/dotCMS/core/issues/15274

Workaround:

Use firewall or reverse proxy to limit access to /html/portlet/ext/contentlet/image_tools/index.jsp

Issues

https://github.com/dotCMS/core/issues/15274