** UNSUPPORTED WHEN ASSIGNED **
The value set as the DefaultLocaleResolver.LOCALE_KEY attribute on the session was not validated while resolving XML definition files, leading to possible path traversal and eventually SSRF/XXE when passing user-controlled data to this key. Passing user-controlled data to this key may be relatively common, as it was also used like that to set the language in the 'tiles-test' application shipped with Tiles.
This issue affects Apache Tiles from version 2 onwards.
NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2023-49735 - High Severity Vulnerability
Tiles Core Library, including basic implementation of the APIs.
Library home page: http://tiles.apache.org/framework/
Path to vulnerable library: /src/test/resources/webgoat/WEB-INF/lib/tiles-core-3.0.5.jar
Dependency Hierarchy: - :x: **tiles-core-3.0.5.jar** (Vulnerable Library)
Found in HEAD commit: e2144e84b1fdbf18c01c24e6ab9ade7b45b25283
Found in base branch: master
** UNSUPPORTED WHEN ASSIGNED ** The value set as the DefaultLocaleResolver.LOCALE_KEY attribute on the session was not validated while resolving XML definition files, leading to possible path traversal and eventually SSRF/XXE when passing user-controlled data to this key. Passing user-controlled data to this key may be relatively common, as it was also used like that to set the language in the 'tiles-test' application shipped with Tiles. This issue affects Apache Tiles from version 2 onwards. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
Publish Date: 2023-11-30
URL: CVE-2023-49735
Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: None - Availability Impact: None
For more information on CVSS3 Scores, click here.