Security issue - apex:selectlist value tampering
I have recently performed a Cross-site scripting (XSS) security test in a customer portal and I have received a concerning issue regarding picklists. The results are:
The following changes were applied to the original request:
- Set the value of the parameter 'formName:dropDown' to
'%3E%22%27%3E%3Cscript%3Ealert%2876%29%3C%2Fscript%3E'
Risk(s): It is possible to steal or manipulate customer session and cookies, which might be used to impersonate a legitimate user,
allowing the hacker to view or alter user records, and to perform transactions as that user
The code for generating the dropdown is:
<apex:selectList id="dropDown" value="{!recordName}" size="1" > <apex:selectOptions value="{!listOptions}" /> </apex:selectList>
I have tried to manually modify the value of the picklist options in the generated HTML and I have not been able to submit them.
My doubts are: Can the dropdown values actually be tampered with? Should I check that the submitted values correspond to the available options?
Do not hesitate to contact me for any related queries.
Thanks!
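Added example, not code from the original post: one way to enforce, in the Visualforce controller, that the value posted back for the select list is one of the options the page actually rendered. The class name DropDownController, the three allowed values and the save() action are assumptions for illustration; recordName and listOptions are the bindings from the markup in the question. Whether or not the framework rejects out-of-list values on its own, treating the posted parameter as untrusted and checking it against a server-side allowlist is the cheap, deterministic fix the scanner finding is asking for.

```apex
// Added example (not from the original post). Controller for:
//   <apex:selectList id="dropDown" value="{!recordName}" size="1">
//     <apex:selectOptions value="{!listOptions}" />
//   </apex:selectList>
// Class name, allowed values and save() are assumptions for illustration.
public with sharing class DropDownController {

    // Bound to <apex:selectList value="{!recordName}">. On postback this is
    // whatever the client sent for formName:dropDown, so treat it as untrusted.
    public String recordName { get; set; }

    // Single source of truth for the picklist: used both to render the options
    // and to validate the submitted value, so the two can never drift apart.
    private static final List<String> ALLOWED_VALUES = new List<String>{
        'Account', 'Contact', 'Opportunity'
    };

    // Bound to <apex:selectOptions value="{!listOptions}">.
    public List<SelectOption> getListOptions() {
        List<SelectOption> options = new List<SelectOption>();
        for (String v : ALLOWED_VALUES) {
            options.add(new SelectOption(v, v));
        }
        return options;
    }

    // True only when the submitted value is one of the rendered options.
    // The scanner's payload ('>"'><script>alert(76)</script>) fails this check
    // no matter what the browser-side <select> contained when it was submitted.
    @TestVisible
    private static Boolean isAllowedValue(String submitted) {
        return submitted != null && new Set<String>(ALLOWED_VALUES).contains(submitted);
    }

    // Action method for a commandButton. Rejects anything outside the allowlist
    // before recordName is used in SOQL, DML, or rendered back into the page.
    public PageReference save() {
        if (!isAllowedValue(recordName)) {
            // Use a fixed message; do not echo the rejected value back.
            ApexPages.addMessage(new ApexPages.Message(
                ApexPages.Severity.ERROR, 'Invalid selection.'));
            return null;
        }
        // ... continue with the validated recordName ...
        return null;
    }
}
```

A unit test for this would call DropDownController.isAllowedValue with the scanner's decoded payload and assert it returns false, and with 'Contact' and assert it returns true. Keeping the allowlist in one constant matters: if the options and the validation were built from two different lists, a later change to one of them would silently reopen the gap.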