CVE-2022-35740

Name of the Vulnerable Software and Affected Versions dotCMS versions prior to 22.06 dotCMS version 5.3.8.12 dotCMS version 21.06.9 dotCMS version 22.03.2

Description The issue allows remote attackers to bypass intended access control and obtain sensitive information by using a semicolon in a URL to introduce a matrix parameter. This can be exploited to avoid dotCMS's path-based XSS prevention, such as "require login" filters, and access restricted resources. For example, an attacker could place a semicolon immediately before a / character that separates elements of a filesystem path, revealing file content that is ordinarily only visible to signed-in users. This issue can be chained with other exploit code to achieve XSS attacks against dotCMS.

Recommendations For dotCMS versions prior to 22.06, update to version 22.06 or later to resolve the issue. For dotCMS version 5.3.8.12, no specific recommendation is provided. For dotCMS version 21.06.9, no specific recommendation is provided. For dotCMS version 22.03.2, no specific recommendation is provided. As a temporary workaround, consider restricting access to sensitive resources until a patch is available.