Build ID: M200409161125

Steps To Reproduce:
1. Start the EHS as help system.
2. Visit in Firefox: http://localhost:9080/iehs/advanced/workingSet.jsp?operation=edit&workingSet=>%22%27><img%20src%3d%22javascript:alert(94893)%22>
3. See url_inject_1.jpg and src_inject_1.jpg to see the injected script.
4. Visit in IE: http://localhost:9080/iehs/advanced/workingSetManager.jsp?operation=add&workingSet=>%22%27><img%20src%3d%22javascript:alert(93775)%22>&hrefs=%2Fcom.ibm.wp.admin.help%2Fh_wp_admin.xml&oldName=
5. See url_inject_2.jpg and src_inject_2.jpg to see the injected script.

More information:
Created attachment 117299: screenshot for case 1 URL in Firefox
Created attachment 117300: HTML source for case 1 injection in Firefox
Created attachment 117301: screenshot for case 2 URL injection in IE
Created attachment 117302: HTML source for case 2 injection in IE
This is a duplicate of Bug 223980 "[Webapp] Unencoded strings inserted into JavaScript", which has been fixed. See that bug for a patch.

*** This bug has been marked as a duplicate of bug 223980 ***
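As an added example, not code from the Eclipse help webapp or the patch attached to bug 223980, the following shows the context-aware output encoding that closes the class of bug reported above, applied to the decoded `workingSet` value from the first reproduction URL; the fragment shape, the function names and the safe-character set are assumptions made for this example.

```javascript
// Added example (not the help webapp's code): a user-supplied working-set name
// that is written into a JavaScript string literal and into an HTML attribute
// must be encoded separately for each context.

// Encode for use inside a single- or double-quoted JavaScript string literal.
// Everything outside a small safe set becomes \xHH or \uHHHH, so quotes,
// '<', '>' and "</script>" can no longer end the literal or the script block.
function encodeForJsString(s) {
  return String(s).replace(/[^A-Za-z0-9 ,._]/g, (ch) => {
    const code = ch.charCodeAt(0);
    return code < 0x100
      ? "\\x" + code.toString(16).padStart(2, "0")
      : "\\u" + code.toString(16).padStart(4, "0");
  });
}

// Encode for use inside a double-quoted HTML attribute value or a text node.
function encodeForHtmlAttr(s) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(s).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Shape of the fragment a page like workingSet.jsp might emit (constructed for
// this example, not the real JSP markup): the name appears once in a script
// and once as a form field value, each through the matching encoder.
function renderWorkingSetFragment(rawName) {
  return (
    `<script>var workingSet = "${encodeForJsString(rawName)}";</script>\n` +
    `<input type="text" name="workingSet" value="${encodeForHtmlAttr(rawName)}">`
  );
}

// Constructed input: the decoded workingSet parameter from the report's first URL.
const REPORTED_PAYLOAD = `>"'><img src="javascript:alert(94893)">`;

// The JS encoder must lose no data: letting the JavaScript engine parse the
// encoded literal has to yield the original string again.
function jsLiteralRoundTrips(s) {
  return new Function(`return "${encodeForJsString(s)}";`)() === s;
}

// Neither encoded form may still contain a character that can break out of
// its context; for the JS literal that also rules out bare line terminators.
function isNeutralized(rawName) {
  return !/[<>"'\n\r\u2028\u2029]/.test(encodeForJsString(rawName)) &&
         !/[<>"']/.test(encodeForHtmlAttr(rawName));
}
```

Encoding is context-specific: the same value placed into a URL-valued attribute such as `src` or `href` would additionally need its scheme validated, because attribute encoding alone does not stop a `javascript:` URL from being followed.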