[CKEditor] FOD detects redirect vulnerability

Forge Component
Published on 8 May by leonardo.fernandes
22 votes


We are using the HP FOD tool for vulnerability testing. CKEditor Download.aspx.cs was identified as having a possible breach because of the redirect() use on line 432 (-- Response.Redirect(redirectUrl); --).

Is there anything you can help us with (patch, workaround, arguments) so that we can solidly argue with the FOD team?

We are using OutSystems 10.0.604.0.

Thank you in advance for the time you may invest on this matter.

Fernando Gameiro

Just because something is flagged as a potential problem does not mean that it is an actual problem. In this case, the "Download" page of CKEditor is used for the images/files that can be uploaded through CKEditor. All the Download page does is try to look up the file by a GUID, and if it is found, downloads the file (probably the redirect); otherwise it sets the page's status to 404. That is not a security risk.

If you are not allowing users to upload files at all through the CKEditor settings, you can delete this page from your implementation completely.
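A hardened shape for the lookup the answer describes, as an added example that is not the CKEditor Forge component's code: the GUID is parsed strictly, the redirect target is built from a fixed server-side folder plus a stored filename, and it is checked to be a same-site relative URL before it reaches Response.Redirect, which is the kind of evidence a scanner team usually asks for. The query parameter name `id`, the upload folder and the GUID lookup table are assumptions.

```csharp
using System;
using System.Collections.Generic;
using System.Web;

// Hypothetical hardened download handler (added example, not the Forge component's code).
// Assumptions: uploads live under one fixed app-relative folder and are looked up by GUID;
// the lookup table below is constructed sample data.
public static class SafeDownload
{
    // Constructed sample: GUID -> stored filename (never a user-supplied path).
    private static readonly Dictionary<Guid, string> Files = new Dictionary<Guid, string>
    {
        { new Guid("11111111-2222-3333-4444-555555555555"), "report.pdf" }
    };
    private const string UploadFolder = "/CKEditor/uploads/"; // assumed location

    // Returns the local redirect target for a known GUID, or null when the page should 404.
    public static string ResolveRedirect(string rawId)
    {
        Guid id;
        if (!Guid.TryParse(rawId, out id)) return null;      // anything that is not a GUID is rejected
        string fileName;
        if (!Files.TryGetValue(id, out fileName)) return null; // unknown GUID -> 404
        // Target = fixed prefix + server-side filename; the caller never supplies a URL.
        string target = UploadFolder + Uri.EscapeDataString(fileName);
        return IsLocalUrl(target) ? target : null;
    }

    // Modelled on the rule ASP.NET MVC's Url.IsLocalUrl applies: exactly one leading slash,
    // no "//" or "/\" (protocol-relative), so the browser cannot be sent off-site.
    public static bool IsLocalUrl(string url)
    {
        if (string.IsNullOrEmpty(url)) return false;
        if (url[0] != '/') return false;
        if (url.Length > 1 && (url[1] == '/' || url[1] == '\\')) return false;
        return true;
    }

    // Page-level glue: 404 when the lookup fails, otherwise redirect to the validated target.
    public static void Handle(HttpRequest request, HttpResponse response)
    {
        string target = ResolveRedirect(request.QueryString["id"]); // "id" is an assumed parameter name
        if (target == null) { response.StatusCode = 404; return; }
        response.Redirect(target, false); // target was validated above; no open-redirect path
    }
}
```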