Details
- Bug
- Status: Closed
- High
- Resolution: Fixed
- r2.06.07
- None
- None
Description
In the CMS' editor it is possible to save a piece of JavaScript code. When another user loads that same document, it is possible to hijack that user's session. Unfortunately I don't have a clear use case, since the person who found out is not in the office atm.
Another security vulnerability is JCR injection (which is similar to SQL injection), although the hacker needs enough security rights to effectively use it. Alas, I also don't have clear use cases. I will provide use cases later when I contact the security guy.