Admin Tools Application
ADMINTOOL-92

CSRF with QueryOnXWiki allows arbitrary database queries



Description

Steps to reproduce:

1. Add a comment with an image [[image:path:/xwiki/bin/view/Admin/QueryOnXWiki?query=DELETE%20FROM%20xwikidoc]].
2. Wait for an admin to view the comment.

Expected result:

The wiki continues to work.

Actual result:

All documents are deleted from the database; the wiki is empty after a restart or after the caches are emptied. Note that the same mechanism could also be used to grant admin rights to the user with an appropriate database query.
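
As an added illustration (not code from the XWiki project or the Admin Tools application), the Python below models the vulnerable pattern the report describes beside a hardened handler that refuses the cross-site trigger: the request/session objects, the in-memory sqlite `xwikidoc` table and the `form_token` field name are constructed stand-ins.

```python
import secrets
import sqlite3
from dataclasses import dataclass, field

@dataclass
class Request:
    """Constructed stand-in for the HTTP request a wiki page script sees."""
    method: str
    params: dict
    session: dict = field(default_factory=dict)

def new_db():
    """In-memory stand-in for the wiki database: a tiny xwikidoc table."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE xwikidoc (id INTEGER PRIMARY KEY, name TEXT)")
    db.executemany("INSERT INTO xwikidoc (name) VALUES (?)",
                   [("Main.WebHome",), ("Admin.QueryOnXWiki",)])
    db.commit()
    return db

def doc_count(db):
    return db.execute("SELECT COUNT(*) FROM xwikidoc").fetchone()[0]

def vulnerable_query_handler(db, req):
    """The pattern behind the report: whatever arrives in ?query= runs on any
    method, with no proof the admin meant to send it (an <img> fetch is such a GET)."""
    db.execute(req.params["query"])
    db.commit()
    return 200, "executed"

def issue_csrf_token(session):
    """Bind an unguessable token to the session; a real form carries it as a hidden field."""
    session["csrf_token"] = secrets.token_urlsafe(32)
    return session["csrf_token"]

def hardened_query_handler(db, req):
    """POST-only plus a session-bound token: an <img> fetch is always a GET
    and never carries the token, so the cross-site trigger is refused."""
    if req.method != "POST":
        return 405, "state-changing action requires POST"
    expected = req.session.get("csrf_token")
    supplied = req.params.get("form_token", "")
    if not expected or not secrets.compare_digest(expected, supplied):
        return 403, "missing or invalid CSRF token"
    db.execute(req.params["query"])
    db.commit()
    return 200, "executed"
```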

People

Michael Hamann