Client Generated Scripts Sandbox Should Be Enabled


Impact Area

Security

Severity

High

Affected Element

System property

Rule ID #

SN-0188

Impact

In some circumstances the client can generate arbitrary script code and send it to the server for evaluation, for instance by using the API call AJAXEvaluate and by specifying JavaScript formulas in query filters. Enabling Generated Script Sandboxing increases security by running these scripts inside a reduced-rights sandbox.

Remediation

Set the system property “glide.script.use.sandbox” to true.
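One way to verify the remediation offline is to check an exported copy of the instance's system properties. This is an added example, not code from the rule's vendor; it assumes the export is JSON shaped as `{ "result": [ { "name": ..., "value": ... } ] }`, and the function names and sample data are constructed for illustration.

```javascript
const PROPERTY = 'glide.script.use.sandbox';

// Evaluate sys_properties records ({ name, value }) against rule SN-0188.
// Assumptions: a missing record is a finding (the rule asks for the property
// to be set), and only "true" (trimmed, case-insensitive) counts as enabled.
function auditSandboxProperty(rows) {
  const matches = rows.filter((r) => r && r.name === PROPERTY);
  if (matches.length === 0) {
    return { compliant: false, reason: 'property is not defined' };
  }
  // If the property appears more than once, every copy must be "true".
  const wrong = matches.find(
    (r) => String(r.value ?? '').trim().toLowerCase() !== 'true'
  );
  if (wrong) {
    return { compliant: false, reason: `value is "${wrong.value}", expected "true"` };
  }
  return { compliant: true, reason: 'generated script sandbox is enabled' };
}

// Accepts the JSON text of a system property export and audits its "result" array.
function auditExport(jsonText) {
  let parsed;
  try {
    parsed = JSON.parse(jsonText);
  } catch (err) {
    return { compliant: false, reason: 'export is not valid JSON' };
  }
  if (!parsed || !Array.isArray(parsed.result)) {
    return { compliant: false, reason: 'export has no "result" array' };
  }
  return auditSandboxProperty(parsed.result);
}

// Constructed sample export (not taken from a real instance).
const sampleExport = JSON.stringify({
  result: [
    { name: 'x_example.unrelated.property', value: '30' },
    { name: PROPERTY, value: 'false' },
  ],
});

console.log(auditExport(sampleExport));
```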

Time to fix

15 min

References

This rule is linked to Common Weakness Enumeration CWE-150 Improper Neutralization of Escape.

Updated on March 21, 2025