[ https://issues.apache.org/jira/browse/JSPWIKI-1048?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Juan Pablo Santos Rodríguez updated JSPWIKI-1048:
-------------------------------------------------
    Security:   (was: Security Vulnerability Disclosure)

> Insecure Content
> ----------------
>
>                 Key: JSPWIKI-1048
>                 URL: https://issues.apache.org/jira/browse/JSPWIKI-1048
>             Project: JSPWiki
>          Issue Type: Bug
>          Components: Editors
>    Affects Versions: 2.10.1
>         Environment: JSPWIKI on DISTRIB_ID=Ubuntu DISTRIB_RELEASE=16.04
> DISTRIB_CODENAME=xenial DISTRIB_DESCRIPTION="Ubuntu 16.04.1 LTS"
> apache-tomcat-7.0.54
>            Reporter: Jim Willeke
>            Priority: Critical
>
> Appears that the form for loading attachments has a hard-coded "http" scheme.
> <form
> action="http://ldapwiki.com/attach?progressid=287a52a3-05e8-4aed-b538-42761665122c"
> class="wikiform"
> id="uploadform"
> method="post"
> enctype="multipart/form-data" accept-charset="UTF-8"
> onsubmit="return Wiki.submitUpload(this,
> '287a52a3-05e8-4aed-b538-42761665122c');" >
> <table>
> <tr>
> <td colspan="2"><div class="formhelp">In order to upload a new
> attachment to this page, please use the following box to find the file, then
> click on “Upload”.</div></td>
> </tr>
> <tr>
> <td><label for="attachfilename">Select file:</label></td>
> <td><input type="file" name="content" id="attachfilename"
> size="60"/></td>
> </tr>
> <tr>
> <td><label for="attachnote">Change Note:</label></td>
> <td><input type="text" name="changenote" id="attachnote" maxlength="80"
> size="60" />
> <input type="hidden" name="nextpage" value="/Upload.jsp?page=Main" /></td>
> </tr>
> <tr>
> <td></td>
> <td>
> <input type="hidden" name="page" value="Main" />
> <input type="submit" name="upload" id="upload" value="Upload" />
> <input type="hidden" name="action" value="upload" />
> <div id="progressbar"><div class="ajaxprogress"></div></div>
> </td>
> </tr>
> </table>
> </form>

--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
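
Added example (not part of the original report and not JSPWiki code): a check for the condition the report describes, a form on an HTTPS page whose action resolves to plain http, so the upload would be submitted outside TLS. The HTTPS page URL and the relative-action contrast form are assumptions constructed for illustration; the reported form is trimmed from the message above.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Assumption: the upload page is served over HTTPS at this URL (not stated in the report).
PAGE_URL = "https://ldapwiki.com/Upload.jsp?page=Main"
# Form from the report, trimmed to the form tag and four of its named inputs.
REPORTED_FORM = """
<form action="http://ldapwiki.com/attach?progressid=287a52a3-05e8-4aed-b538-42761665122c"
      class="wikiform" id="uploadform" method="post"
      enctype="multipart/form-data" accept-charset="UTF-8">
  <input type="file" name="content" id="attachfilename" size="60"/>
  <input type="text" name="changenote" id="attachnote" maxlength="80" size="60" />
  <input type="hidden" name="page" value="Main" />
  <input type="submit" name="upload" id="upload" value="Upload" />
</form>
"""
# Constructed contrast case: a relative action inherits the page's scheme.
RELATIVE_FORM = '<form action="attach?progressid=x" method="post"><input type="file" name="content"/></form>'

class FormAudit(HTMLParser):
    """Collect each form's resolved submission URL and the names of its inputs."""
    def __init__(self, page_url):
        super().__init__()
        self.page_url, self.forms, self.current = page_url, [], None

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            # A missing or empty action submits to the page URL itself.
            target = urljoin(self.page_url, a.get("action") or "")
            self.current = {"id": a.get("id"), "target": target, "fields": []}
            self.forms.append(self.current)
        elif tag == "input" and self.current is not None and a.get("name"):
            self.current["fields"].append(a["name"])

    def handle_endtag(self, tag):
        if tag == "form":
            self.current = None

def insecure_form_targets(page_url, html):
    """Return forms on an HTTPS page whose submission would travel over plain HTTP."""
    if urlsplit(page_url).scheme != "https":
        return []
    audit = FormAudit(page_url)
    audit.feed(html)
    return [f for f in audit.forms if urlsplit(f["target"]).scheme == "http"]

if __name__ == "__main__":
    print(insecure_form_targets(PAGE_URL, REPORTED_FORM))
```

The "fields" list in each finding shows which inputs, here the uploaded file and change note, would be sent in cleartext.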