XSS Vulnerability in HST MessagesReplace Tag

Issue date: 26-04-2018
Affects versions: 12.2, 11.2, 10.2

Issue ID: SECURITY-66

Affected Product Version(s)
This vulnerability affects all versions of delivery applications based on Hippo CMS prior to 12.3.0, 12.2.1, 11.2.7, and 10.2.11.

Severity
low

Description

The @hst.messagesReplace tag (used in Freemarker templates) did not escape the message replacement text in the final output, thereby allowing XSS exploits. The implementation of this tag now ensures the replacement text is escaped before it is added to the output.

This vulnerability is classified with severity low, as it can only be exploited by an authenticated CMS author.

Instructions

Every CMS customer is strongly advised to upgrade as soon as possible to the latest CMS maintenance release as indicated above, or higher.

Because the upgrade for these CMS maintenance versions may require some additonal steps and verification, specific upgrade documentation is available to our customers for upgrading to version 10.2.11, 11.2.7, or to 12.2.1 and 12.3.0 (login required).

Content Application

Channels

Projects

Relevance

Architecture

Concepts

Platform Configuration

Frontend Integration

Backend Development

Commerce Accelerator

Cloud Deployment (PaaS)

On-Premise Deployment

Security

Release Management

Platform Development

Bloomreach Documentation version

XSS Vulnerability in HST MessagesReplace Tag