Hi
It’s about issue 140.
Please tell me how I can block the vulnerability in CUBA platform version 6.3.4. Unfortunately, upgrading to 6.8-6.10 is not possible.
Hi,
There is a way to mitigate this vulnerability. You will need to replace the standard window manager with a custom one.
Create a CustomWindowManager class in the web module that extends WebWindowManager:
package com.company.demo.web;

import com.haulmont.cuba.web.WebWindowManager;
import org.apache.commons.lang.StringEscapeUtils; // commons-lang 2.x, as bundled with CUBA 6.x

public class CustomWindowManager extends WebWindowManager {

    // Tab captions are rendered as plain text, so they only need truncation.
    @Override
    protected String formatTabCaption(String caption, String description) {
        String s = super.formatTabDescription(caption, description);
        int maxLength = webConfig.getMainTabCaptionLength();
        if (s.length() > maxLength) {
            return s.substring(0, maxLength) + "...";
        } else {
            return s;
        }
    }

    // Tab descriptions become tooltips that TabSheet renders as HTML,
    // so the string must be escaped before it reaches the browser.
    @Override
    protected String formatTabDescription(String caption, String description) {
        // you can also return null in order to disable tab tooltips at all
        // return null;
        return StringEscapeUtils.escapeHtml(super.formatTabDescription(caption, description));
    }
}
Then define it in web-spring.xml as:
    <!-- Replace standard window manager with custom -->
    <bean id="cuba_WebWindowManager"
          scope="prototype"
          class="com.company.demo.web.CustomWindowManager"/>
This prevents the window description from being interpreted as HTML in the main TabSheet and mitigates the issue.
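To check the mitigation before deploying it, the following stand-alone Java harness (an added example, not part of the answer above and not CUBA's own code) replicates the two formatting steps outside the window manager, so it runs without a CUBA application context. The helpers rawDescription, safeTooltip and tabCaption mirror the logic of the override, MAX_CAPTION_LENGTH stands in for webConfig.getMainTabCaptionLength(), and the caption/description pairs are constructed test input; all of these names are assumptions made for this example. It needs commons-lang 2.x on the classpath.

```java
import org.apache.commons.lang.StringEscapeUtils;

public class TabTooltipEscapeCheck {

    // Stand-in for webConfig.getMainTabCaptionLength() (cuba.web.mainTabCaptionLength).
    static final int MAX_CAPTION_LENGTH = 25;

    // Mirrors WebWindowManager.formatTabDescription: "caption: description", or just the caption.
    static String rawDescription(String caption, String description) {
        if (description == null || description.isEmpty()) {
            return caption;
        }
        return caption + ": " + description;
    }

    // The hardened tooltip: HTML-escaped, as in CustomWindowManager.formatTabDescription.
    static String safeTooltip(String caption, String description) {
        return StringEscapeUtils.escapeHtml(rawDescription(caption, description));
    }

    // The tab caption: truncated plain text, as in formatTabCaption.
    static String tabCaption(String caption, String description) {
        String s = rawDescription(caption, description);
        return s.length() > MAX_CAPTION_LENGTH ? s.substring(0, MAX_CAPTION_LENGTH) + "..." : s;
    }

    static void check(boolean condition, String message) {
        if (!condition) throw new AssertionError(message);
    }

    public static void main(String[] args) {
        // Constructed input: a screen whose description carries an HTML payload.
        String caption = "Customer editor";
        String payload = "<img src=x onerror=alert(1)>";

        String unsafe = rawDescription(caption, payload);
        String safe = safeTooltip(caption, payload);

        check(unsafe.contains("<img"), "raw tooltip still contains markup");
        check(!safe.contains("<"), "escaped tooltip must not contain a raw '<'");
        check(safe.equals("Customer editor: &lt;img src=x onerror=alert(1)&gt;"),
              "unexpected escaped tooltip: " + safe);

        // Ordinary text survives escaping untouched.
        check(safeTooltip("Orders", "Order 42").equals("Orders: Order 42"), "plain text changed");

        // Caption truncation is unaffected: 25 characters plus the ellipsis.
        String truncated = tabCaption(caption, payload);
        check(truncated.equals("Customer editor: <img src..."), "unexpected caption: " + truncated);

        System.out.println("raw tooltip:     " + unsafe);
        System.out.println("escaped tooltip: " + safe);
        System.out.println("tab caption:     " + truncated);
    }
}
```

The caption is deliberately left unescaped: Vaadin renders tab captions as text unless captions-as-HTML is switched on, so escaping there would only show literal entities to the user. Only the tooltip is HTML, which is why the override escapes formatTabDescription and not formatTabCaption.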
Thanks Yuriy, there’s no script execution now.
Yet I added an @Override annotation to the formatTabCaption method.