** Information type changed from Private Security to Public Security

https://bugs.launchpad.net/bugs/1888163

Title:
  Security issue: File / folder name not being escaped correctly in
  filebrowser

Status in Mahara:
  Fix Committed
Status in Mahara 19.04 series:
  Fix Released
Status in Mahara 19.10 series:
  Fix Released
Status in Mahara 20.04 series:
  Fix Released
Status in Mahara 20.10 series:
  Fix Committed

Bug description:
  In your browser with the debug console visible to see JavaScript
  output

  Have a site and go to the Create -> Files page

  Upload an image and then edit it and change the
  name: Image<script>console.log('bad name!');</script>one
  description: This is Image<script>console.log('bad description!');</script>one description

  Create a new folder called:
  Folder<script>console.log('bad folder!');</script>one

  Go into the new folder and upload another file

  Problem 1 you see 'bad folder!' in the console bar

  Create a page and add an image block to the page and select the image
  with bad name

  Problem 2 you see 'bad name!' in console bar

  Save block and then edit it again

  Problem 3 you see 'bad name!' in console bar again

  Add the folder block to the page

  Problem 4 you see 'bad folder!' in the console bar
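
The failure mode in the four problems above, as an added example that is not part of the original report and is not Mahara's code: a stored name concatenated into markup unescaped, beside the same renderer escaping at output. The functions renderRowUnsafe, renderRowSafe, escapeHtml and containsScriptTag and the row markup are hypothetical; the sample names are the ones from the report.

```javascript
// Added example: hypothetical renderer, not Mahara's filebrowser code.

// Escape the five characters that are significant in HTML text and
// in quoted attribute values.
function escapeHtml(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Vulnerable: stored name and description go into the markup as-is,
// so any tag they contain becomes part of the page.
function renderRowUnsafe(item) {
  return '<tr><td class="name" title="' + item.description + '">' +
         item.name + '</td></tr>';
}

// Hardened: every user-controlled field is escaped at the point of output.
function renderRowSafe(item) {
  return '<tr><td class="name" title="' + escapeHtml(item.description) + '">' +
         escapeHtml(item.name) + '</td></tr>';
}

// True if the rendered markup still contains a live <script> tag.
function containsScriptTag(html) {
  return /<script\b/i.test(html);
}

// File and folder names taken from the bug description.
const items = [
  { name: "Image<script>console.log('bad name!');</script>one",
    description: "This is Image<script>console.log('bad description!');</script>one description" },
  { name: "Folder<script>console.log('bad folder!');</script>one",
    description: '' },
];

for (const item of items) {
  console.log('unsafe output has script tag:', containsScriptTag(renderRowUnsafe(item)));
  console.log('safe output has script tag:  ', containsScriptTag(renderRowSafe(item)));
}
```

The same names have to be escaped in every view that prints them (file list, image block chooser, block edit form, folder block), which is why the report shows four separate problems.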
