XWiki Platform / XWIKI-22474

The Solr script service doesn't take dropped programming right into account


    Description

      Steps to reproduce:

      As a user with programming right, create a document with content 

      {{velocity}}
      $xcontext.dropPermissions()
      $services.solr.index('document:xwiki:Main.WebHome')
      {{/velocity}} 

      Expected result:

      An error is logged that access has been denied.

      Actual result:

      No error is logged, dropping permissions has no effect even though the Solr script service requires programming right.

      This can also be used to clear the index. However, in current versions of XWiki, dropPermissions() isn't used anymore as a real security feature and thus this vulnerability is not easily exploitable. Further, script right is still required to access this scripting API.
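
The failure mode described above, as an added example (not XWiki's code and not the fix the project applied): a self-contained Java model in which every class and method name is hypothetical. It contrasts a rights check that reads only the content author's stored rights with one that also honors the per-request dropped-permissions flag.

```java
// Added illustration: a self-contained model, not XWiki code. All names are hypothetical.
import java.util.Set;

public class DroppedRightsDemo {
    /** Per-request state: rights of the content author plus the flag set when a script drops permissions. */
    static final class ScriptContext {
        final Set<String> authorRights;
        boolean droppedPermissions;
        ScriptContext(Set<String> authorRights) { this.authorRights = authorRights; }
        void dropPermissions() { droppedPermissions = true; }
    }

    static final class AccessDeniedException extends Exception {
        AccessDeniedException(String msg) { super(msg); }
    }

    /** Flawed check: looks only at the author's stored rights, so a drop has no effect. */
    static boolean hasProgrammingIgnoringDrop(ScriptContext ctx) {
        return ctx.authorRights.contains("programming");
    }

    /** Contextual check: the author's rights count only while permissions have not been dropped. */
    static boolean hasProgrammingContextual(ScriptContext ctx) {
        return !ctx.droppedPermissions && ctx.authorRights.contains("programming");
    }

    /** Model of a privileged service method guarded by the contextual check. */
    static String index(ScriptContext ctx, String reference) throws AccessDeniedException {
        if (!hasProgrammingContextual(ctx)) {
            throw new AccessDeniedException("programming right required to index " + reference);
        }
        return "queued " + reference;
    }

    public static void main(String[] args) {
        ScriptContext ctx = new ScriptContext(Set.of("script", "programming"));
        ctx.dropPermissions(); // same order as the reproduction: drop first, then call the service
        System.out.println("check ignoring drop -> " + hasProgrammingIgnoringDrop(ctx));
        System.out.println("contextual check    -> " + hasProgrammingContextual(ctx));
        try {
            System.out.println(index(ctx, "document:xwiki:Main.WebHome"));
        } catch (AccessDeniedException e) {
            System.out.println("denied: " + e.getMessage()); // matches the report's expected result
        }
    }
}
```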

            People

              MichaelHamann Michael Hamann