Hi,
we got our code scan done from Fortify Vulnerability Tool (HP) and found some vulnerability code in ISC_RealtimeMessaging.js , assuming these are generated by smartgwt complier.
smartgwt sdk version used:
<dependency>
<groupId>com.isomorphic.smartgwt.lgpl</groupId>
<artifactId>smartgwt-lgpl</artifactId>
<version>5.0-p20160212</version>
</dependency>
Issue Raised from HP tool:
The method $1126() in ISC_RealtimeMessaging.js sends unvalidated data to a web browser on line 33, which can result in the browser executing malicious code. Sending unvalidated data to a web browser can result in the browser executing malicious code. Explanation
Cross-site scripting (XSS) vulnerabilities occur when:
1. Data enters a web application through an untrusted source. In the case of DOM-based XSS, data is read from a URL parameter or other value within the browser and written back into the page with client-side code. In the case of Reflected XSS, the untrusted source is typically a web request, while in the case of Persisted (also known as Stored) XSS it is typically a database or other back-end data store.
In this case the data enters at in ISC_RealtimeMessaging.js at line 33.
2. The data is included in dynamic content that is sent to a web user without being validated. In the case of DOM Based XSS, malicious content gets executed as part of DOM (Document Object Model) creation, whenever the victim's browser parses the HTML page.
In this case the data is sent at write() in ISC_RealtimeMessaging.js at line 33.
The malicious content sent to the web browser often takes the form of a segment of JavaScript, but may also include HTML, Flash or any other type of code that the browser may execute. The variety of attacks based on XSS is almost limitless, but they commonly include transmitting private data like cookies or other session information to the attacker, redirecting the victim to web content controlled by the attacker, or performing other malicious operations on the user's machine under the guise of the vulnerable site.
Attachment:
I have attached ISC_RealtimeMessaging.js file which has been identified with vulnerabilities.
Team,
having said these , can you please confirm is this vulnerable in any way ? or we can challenge the scan .
we got our code scan done from Fortify Vulnerability Tool (HP) and found some vulnerability code in ISC_RealtimeMessaging.js , assuming these are generated by smartgwt complier.
smartgwt sdk version used:
<dependency>
<groupId>com.isomorphic.smartgwt.lgpl</groupId>
<artifactId>smartgwt-lgpl</artifactId>
<version>5.0-p20160212</version>
</dependency>
Issue Raised from HP tool:
The method $1126() in ISC_RealtimeMessaging.js sends unvalidated data to a web browser on line 33, which can result in the browser executing malicious code. Sending unvalidated data to a web browser can result in the browser executing malicious code. Explanation
Cross-site scripting (XSS) vulnerabilities occur when:
1. Data enters a web application through an untrusted source. In the case of DOM-based XSS, data is read from a URL parameter or other value within the browser and written back into the page with client-side code. In the case of Reflected XSS, the untrusted source is typically a web request, while in the case of Persisted (also known as Stored) XSS it is typically a database or other back-end data store.
In this case the data enters at in ISC_RealtimeMessaging.js at line 33.
2. The data is included in dynamic content that is sent to a web user without being validated. In the case of DOM Based XSS, malicious content gets executed as part of DOM (Document Object Model) creation, whenever the victim's browser parses the HTML page.
In this case the data is sent at write() in ISC_RealtimeMessaging.js at line 33.
The malicious content sent to the web browser often takes the form of a segment of JavaScript, but may also include HTML, Flash or any other type of code that the browser may execute. The variety of attacks based on XSS is almost limitless, but they commonly include transmitting private data like cookies or other session information to the attacker, redirecting the victim to web content controlled by the attacker, or performing other malicious operations on the user's machine under the guise of the vulnerable site.
Attachment:
I have attached ISC_RealtimeMessaging.js file which has been identified with vulnerabilities.
Team,
having said these , can you please confirm is this vulnerable in any way ? or we can challenge the scan .
Comment