Apache Sling I18N Support is vulnerable to privilege escalation. Because translations are spread across the whole product, an attacker with content author permission can create an i18n dictionary that replaces button texts and so trick a user into clicking a link that performs unauthorized actions.
Name | Operator | Version |
---|---|---|
apache sling i18n support | le | 2.5.18 |
github.com/advisories/GHSA-mrpv-5pmr-p92h
github.com/apache/sling-org-apache-sling-i18n/commit/c07049d9124dfa73e7a249c7466699941c2afb3e
github.com/apache/sling-org-apache-sling-i18n/commit/db54105ace9c9ec54e5423308554e82f15601eb5
github.com/apache/sling-org-apache-sling-i18n/commit/f431a56663c0d9564351affc03120b349ffaaa8d
issues.apache.org/jira/browse/SLING-11744
sling.apache.org/news.html