Apache Sling is a web framework that uses a Java Content Repository, such as Apache Jackrabbit, to store and manage content.
A vulnerability in the 'org.apache.sling.auth.core.AuthUtil#isRedirectValid' method of Apache Sling Authentication Service 1.4.0 allows an attacker, through the Sling login form, to trick a victim into sending their credentials to the attacker.
Affected Version: Apache Sling Authentication Service version 1.4.0
QID Detection Logic:
This QID checks for Apache Sling installations that are running with default credentials and that have a vulnerable version of the Apache Sling Authentication Service module.
An unauthenticated, remote attacker could exploit this vulnerability to steal users' credentials.
Customers are advised to upgrade to version 1.4.2 or later of the Apache Sling Authentication Service module.
Following are links for downloading patches to fix the vulnerabilities: