Versions Compared

Old Version 2

changes.mady.by.user Julian

Saved on

compared with

New Version Current

changes.mady.by.user Ahmad

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents


...

May 2024

Denial-of-Service (DoS) in Login Page


Description

In the login page, it is possible to send specially crafted parameters to cause the page to subsequently trigger an error :

Code Block
NullPointerExceptions e.g.:

```
Caused by: java.lang.NullPointerException
    at org.joget.commons.spring.web.ParameterizedAnnotationMethodHandlerAdapter$ParameterizedPathServletRequest.getParameterNames(ParameterizedAnnotationMethodHandlerAdapter.java:84) ~[wflow-commons-8.0-SNAPSHOT.jar:?]
    at org.glowroot.agent.plugin.servlet.DetailCapture_.captureRequestParameters(DetailCapture.java:71) ~[?:?]
    at org.glowroot.agent.plugin.servlet.RequestParameterAspect$GetParameterAdvice_.captureRequestParameters(RequestParameterAspect.java:61) ~[?:?]
    at org.glowroot.agent.plugin.servlet.RequestParameterAspect$GetParameterAdvice_.onReturn(RequestParameterAspect.java:54) ~[?:?]
    at javax.servlet.ServletRequestWrapper.getParameterMap(ServletRequestWrapper.java:157) ~[servlet-api.jar:4.0.FR]
    at org.joget.commons.spring.web.ParameterizedAnnotationMethodHandlerAdapter$ParameterizedPathServletRequest.setAttribute(ParameterizedAnnotationMethodHandlerAdapter.java:96) ~[wflow-commons-8.0-SNAPSHOT.jar:?]
    at org.joget.commons.spring.web.ParameterizedAnnotationMethodHandlerAdapter$ParameterizedPathServletRequest.<init>(ParameterizedAnnotationMethodHandlerAdapter.java:62) ~[wflow-commons-8.0-SNAPSHOT.jar:?]
```



Once triggered, the login page will become inaccessible and the web application server needs to be restarted to restore access.

Severity

High

Affected Versions

Joget DX 8.0.12 and below

Resolution

Upgrade to Joget DX 8.1.0 and above


...


March 2024

Reflected Cross-Site Scripting Vulnerability (XSS) in Userview

Description

In a userview, it is possible to send unvalidated data to a web browser when dynamically switching user locales, which can result in the browser executing malicious code.

Severity

High

Affected Versions

Joget DX 8.0.11 and below

Resolution

Upgrade to Joget DX 8.0.12 and above

...

Critical Vulnerability in Spring Framework CVE-2022-22965

Description

A critical vulnerability has been found in the Spring Framework. According to the vulnerability report CVE-2022-22965:

...

  • Joget DX (7.0.27 and below) running on JDK 9+ and Apache Tomcat (8.5.77 and below, or 9.0.61 and below).
  • Joget Workflow v6 (6.0.34 and below) running on JDK 9+ and Apache Tomcat (8.5.77 and below, or 9.0.61 and below)

Resolution

A fix is available in the latest Joget versions:

...

Critical Vulnerability in Apache Log4j CVE-2021-44228

Description

Critical vulnerability in Apache Log4j. According to the report CVE-2021-44228:

...

However, this vulnerability only affects Apache Log4j versions from 2.0-beta9 to 2.14.1, so they are NOT affected by this vulnerability.

Resolution

To upgrade to the latest log4j 2 version, upgrade to the following Joget versions:

...