There’s a few reflected XSS in the CFX Tags caused by insufficient user input XSS filtering.
Step to reproduce:
1. in Name Field -> Add Anything
2. in Class -> Add XSS.
i Found 5 valid XSS which are:
'<img src=x onerror=alert(1)>
<img src=x onerror=alert()>
<><img src=1 onerror=alert(1337)>
btw, is there any information about http smuggling, jquery issue and clickjacking in this issue development. because i found some of them in this lucee version. i tested in :
CentOS 7.6 (Linux (3.10.0-957.5.1.el7.x86_64) 64bit)
Java 1.8.0_181 (64 Bit)
CFX are no longer supported in 5.3, the whole underlying XSS issue is LDEV-3050
ok, thanks for the info