=====================================================================
CERT-Renater Information Note No. 2013/VULN479
_____________________________________________________________________

DATE : 23/10/2013
HARDWARE PLATFORM(S): /
OPERATING SYSTEM(S): Systems running Apache Sling version prior to 1.1.4.
======================================================================

http://s.apache.org/CVE-2013-4390
______________________________________________________________________

CVE-2013-4390: Apache Sling open redirect on login

Severity: Important

Vendor: The Apache Software Foundation

Versions Affected: All versions Apache Sling org.apache.sling.auth.core up to and including version 1.1.2

Description: With some combinations of a custom login form and XSS the login form rendered by the Apache Sling Auth Core bundle is attackable with an open redirect, sending users to any server after a login.

Mitigation: Users of those bundle versions should update to version 1.1.4 of the bundle (http://sling.apache.org/downloads.cgi)

Credit: This issue was reported by Raphael Wegmueller of Adobe Systems Incorporated.

References:
http://sling.apache.org/project-information/security.html
https://issues.apache.org/jira/browse/SLING-3141

Regards
Carsten Ziegeler
On Behalf of the Apache Sling Project Management Committee

--
Carsten Ziegeler
cziegeler@apache.org

=========================================================
CERT-Renater reference server
https://services.renater.fr/ssi/
==========================================================
+ CERT-RENATER          | tel : 01-53-94-20-44          +
+ 23 - 25 Rue Daviel    | fax : 01-53-94-20-41          +
+ 75013 Paris           | email: cert@support.renater.fr +
==========================================================
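The Description above refers to an open redirect: a login handler that sends the browser to whatever target a request parameter names, so a crafted link (or injected form, via the XSS the advisory mentions) can land an authenticated user on an arbitrary server. The check below is an added illustration of the defensive rule such a handler should apply before issuing the post-login redirect; it is not Apache Sling's code and not the fix shipped in version 1.1.4 of the bundle. The parameter name `resource` and the default landing page `/` are assumptions. The validator accepts only a same-site absolute path and rejects absolute URLs, protocol-relative `//host` forms (including backslash and percent-encoded variants that browsers normalise), header-injection characters and `..` traversal.

```python
from urllib.parse import urlsplit, unquote


def is_safe_local_redirect(target: str) -> bool:
    """Return True only if `target` is a same-site absolute path.

    Everything a browser could interpret as pointing at another host
    (http://..., //host, /\\host, %2F%2Fhost) or as a non-HTTP scheme
    (javascript:) is rejected, as are CR/LF (header injection) and
    control characters.
    """
    if not target:
        return False

    # Decode once so a percent-encoded "//" or "\" cannot hide from the
    # structural checks below. Servers decode query parameters once, so a
    # single pass matches what the handler would actually see.
    decoded = unquote(target)

    # Whitespace and control characters have no place in a Location value
    # and are the classic vector for response-splitting.
    if any(ch.isspace() or ord(ch) < 0x20 for ch in decoded):
        return False

    # Several browsers treat a backslash as a forward slash when parsing
    # the start of a URL, so "/\evil.example" becomes "//evil.example".
    normalized = decoded.replace("\\", "/")

    # Must be an absolute path on this site: exactly one leading slash.
    # "//host/..." is a protocol-relative URL and would leave the site.
    if not normalized.startswith("/") or normalized.startswith("//"):
        return False

    parts = urlsplit(normalized)
    if parts.scheme or parts.netloc:
        return False

    # Refuse path traversal segments so the target stays inside the
    # application's own path space.
    if any(segment == ".." for segment in parts.path.split("/")):
        return False

    return True


def post_login_location(params: dict, default: str = "/") -> str:
    """Choose the Location header for a successful login.

    `params` stands in for the parsed request parameters; the `resource`
    parameter name and the `/` default are assumptions made for this
    illustration. Unsafe or missing targets fall back to the default
    instead of being echoed into the redirect.
    """
    target = params.get("resource", "")
    return target if is_safe_local_redirect(target) else default


if __name__ == "__main__":
    # Constructed sample inputs, labelled with the expected decision.
    samples = [
        ("/content/welcome.html", True),
        ("/content/page.html?tab=1#top", True),
        ("http://evil.example/", False),
        ("//evil.example/", False),
        ("/\\evil.example/", False),
        ("%2F%2Fevil.example/", False),
        ("javascript:alert(1)", False),
        ("/content/../../etc/passwd", False),
        ("/page\r\nSet-Cookie: x=1", False),
    ]
    for value, expected in samples:
        verdict = is_safe_local_redirect(value)
        status = "ok" if verdict == expected else "MISMATCH"
        print(f"{status:8} {verdict!s:5} {value!r}")
```

The handler-side rule is the part that matters: the redirect target is data supplied by the client and is validated like any other untrusted input, and on failure the user lands on a fixed application page rather than on the attacker-chosen one. A stricter variant that some deployments prefer is an allow-list of known landing paths instead of a structural check.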