
CVE-2021-21028: Reflected Cross-site Scripting in ACS Commons

CVSS Score (v3.1): 8.8

Basic Information

- EPSS Score: 0.9523%
- Published: 2/2/2021
- Updated: 2/1/2023
- KEV Status: No
- Technology: Java

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| com.adobe.acs:acs-aem-commons | maven | < 4.10.0 | 4.10.0 |

Vulnerability Intelligence

Root Cause Analysis (Miggo AI)

The commit diff shows the vulnerability was patched by adding XSS encoding via xss:encodeForJSString to the ng-init directives of the affected JSP files. Before the patch, user-controlled JCR paths were interpolated directly into a JavaScript context without sanitization, so a crafted path parameter could break out of the JavaScript string literal and inject script into the rendered page, making these template rendering points vulnerable to reflected XSS. Encoding the value for a JavaScript string context escapes the characters that would otherwise terminate the literal.

WAF Protection Rules

### Impact

Affected versions of ACS Commons (see the table above) suffer from a Reflected Cross-site Scripting (XSS) vulnerability in version-compare and page-compare, because invalid JCR characters are not handled correctly. An attacker could potentially exp…