org.apache.sling:org.apache.sling.engine is vulnerable to Privilege Escalation. An attacker who is able to include a resource with a specific content-type and control the include path can elevate privileges and acquire administrative power, because `SlingRequestDispatcher` doesn't correctly implement the `RequestDispatcher` API.
| CPE | Name | Operator | Version |
|---|---|---|---|
|  | apache sling engine | le | 2.13.0 |
www.openwall.com/lists/oss-security/2023/04/18/6
github.com/advisories/GHSA-mg46-f9h5-g27x
github.com/apache/sling-org-apache-sling-engine/commit/5d8df331c2ef9eae1cec386ccdbe32c9968b104c
github.com/apache/sling-org-apache-sling-engine/pull/29
issues.apache.org/jira/browse/SLING-11722
lists.apache.org/thread/hhp611hltby3whk03vx2mv7cmy3vs0ok