FKIE_CVE-2017-15717
Vulnerability from fkie_nvd - Published: 2018-01-10 14:29 - Updated: 2026-06-17 01:08
Severity
Summary
A flaw in the way URLs are escaped and encoded in the org.apache.sling.xss.impl.XSSAPIImpl#getValidHref and org.apache.sling.xss.impl.XSSFilterImpl#isValidHref allows special crafted URLs to pass as valid, although they carry XSS payloads. The affected versions are Apache Sling XSS Protection API 1.0.4 to 1.0.18, Apache Sling XSS Protection API Compat 1.1.0 and Apache Sling XSS Protection API 2.0.0.
References
| URL | Tags | ||
|---|---|---|---|
| security@apache.org | https://s.apache.org/CVE-2017-15717 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://s.apache.org/CVE-2017-15717 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apache | sling_xss_protection_api | * | |
| apache | sling_xss_protection_api | 2.0.0 | |
| apache | sling_xss_protection_api_compat | 1.1.0 |
{
"affected": [
{
"affectedData": [
{
"product": "Apache Sling",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "XSS Protection API 1.0.4 to 1.0.18"
},
{
"status": "affected",
"version": "XSS Protection API Compat 1.1.0"
},
{
"status": "affected",
"version": "XSS Protection API 2.0.0"
}
]
}
],
"source": "security@apache.org"
}
],
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:sling_xss_protection_api:*:*:*:*:*:*:*:*",
"matchCriteriaId": "956A4CBC-C078-44B0-8280-28E1B7F65D5A",
"versionEndIncluding": "1.0.18",
"versionStartExcluding": "1.0.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:sling_xss_protection_api:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8CE953DD-F41F-489C-AA69-038EE9A64338",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:sling_xss_protection_api_compat:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "42CF40B5-0046-4F0B-B4CE-74FDEF2D947A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A flaw in the way URLs are escaped and encoded in the org.apache.sling.xss.impl.XSSAPIImpl#getValidHref and org.apache.sling.xss.impl.XSSFilterImpl#isValidHref allows special crafted URLs to pass as valid, although they carry XSS payloads. The affected versions are Apache Sling XSS Protection API 1.0.4 to 1.0.18, Apache Sling XSS Protection API Compat 1.1.0 and Apache Sling XSS Protection API 2.0.0."
},
{
"lang": "es",
"value": "Un defecto en la manera en la que se escapan y codifican las URL en org.apache.sling.xss.impl.XSSAPIImpl#getValidHref y org.apache.sling.xss.impl.XSSFilterImpl#isValidHref permite que se pasen URL especialmente manipuladas como v\u00e1lidas, aunque porten cargas \u00fatiles XSS. Las versiones afectadas son Apache Sling XSS Protection API 1.0.4 to 1.0.18, Apache Sling XSS Protection API Compat 1.1.0 y Apache Sling XSS Protection API 2.0.0."
}
],
"id": "CVE-2017-15717",
"lastModified": "2026-06-17T01:08:09.467",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-10T14:29:00.263",
"references": [
{
"source": "security@apache.org",
"tags": [
"Vendor Advisory"
],
"url": "https://s.apache.org/CVE-2017-15717"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://s.apache.org/CVE-2017-15717"
}
],
"sourceIdentifier": "security@apache.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…