XSS in Lucene Search Admin tool

Issue: SI-33
Date: Apr 11, 2016, 10:30:00 AM
Severity: Low
Requires Admin Access: Yes
Fix Version: 3.3.2, 3.5
Credit: Piaox From Pingan Product Safety Group
Description:

The Lucene search admin tool (Admin only) lets a user construct and execute a Lucene query against dotCMS content. The tool does not HTML-encode the submitted query before echoing it back in the response, so a query containing HTML or script markup is rendered by the browser and executes as JavaScript (reflected cross-site scripting). Because the tool is only reachable with admin access, exploitation requires an authenticated administrator to run, or be lured into running, a crafted query, which is why the severity is rated Low.
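As an added example (not dotCMS code, and not a description of how the admin tool is implemented), the following Node.js snippet shows the distinction that matters for this class of bug: escaping a query for Lucene syntax keeps the search valid but does nothing about HTML metacharacters, whereas HTML-encoding the query before echoing it neutralizes the markup. The function names and the payload are hypothetical and constructed for the illustration.

```javascript
// Added illustration (not dotCMS code): Lucene-syntax escaping vs. HTML output
// encoding of an echoed search query. All names here are hypothetical.

// Special characters of the Lucene classic QueryParser syntax. Escaping them
// keeps a query syntactically valid but says nothing about HTML safety.
const LUCENE_SPECIALS = new Set([
  '+', '-', '!', '(', ')', '{', '}', '[', ']', '^', '"', '~', '*', '?', ':', '\\', '/',
]);

// Backslash-escape Lucene query syntax ('&&' and '||' are two-character operators).
function escapeLuceneQuery(q) {
  let out = '';
  for (let i = 0; i < q.length; i++) {
    const c = q[i];
    if ((c === '&' || c === '|') && q[i + 1] === c) {
      out += '\\' + c + c;
      i++; // consume the second character of the operator
      continue;
    }
    out += LUCENE_SPECIALS.has(c) ? '\\' + c : c;
  }
  return out;
}

// HTML entity encoding for text placed in an element body or a quoted attribute.
const HTML_ENTITIES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#x27;' };
function encodeForHtml(s) {
  return s.replace(/[&<>"']/g, (c) => HTML_ENTITIES[c]);
}

// Hypothetical "you searched for" echo. The first mirrors the flaw the advisory
// describes (raw interpolation of the query into the page); the second encodes.
function renderEchoVulnerable(query) {
  return `<div class="query">You searched for: ${query}</div>`;
}
function renderEchoSafe(query) {
  return `<div class="query">You searched for: ${encodeForHtml(query)}</div>`;
}

// Constructed payload. The tagged-template call alert`1` avoids the parentheses
// that Lucene escaping would backslash, so escapeLuceneQuery leaves it untouched
// and a browser rendering the vulnerable echo still sees a live <svg onload=...> tag.
const PAYLOAD = '<svg onload=alert`1`>';

console.log('lucene-escaped :', escapeLuceneQuery(PAYLOAD));
console.log('vulnerable echo:', renderEchoVulnerable(PAYLOAD));
console.log('encoded echo   :', renderEchoSafe(PAYLOAD));
```

The takeaway is that the two transformations solve different problems: query-syntax escaping belongs on the way into the search engine, and HTML encoding belongs on the way out to the browser; only the latter prevents the reflected XSS described above.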

Mitigation:

Upgrade to a fixed version (3.3.2 or 3.5). Until then, restrict access to the Lucene search admin tool to trusted administrators only, and treat search queries arriving from links or other untrusted sources with suspicion, since the flaw is triggered by an administrator running a crafted query.

References

https://packetstormsecurity.com/files/136636/DotCMS-3.5-Beta-Cross-Site-Scripting.html