Uploaded image for project: 'XWiki Platform'
  1. XWiki Platform
  2. XWIKI-22836

Privilege escalation through link refactoring

    XMLWordPrintable

Details

    • Unit, Integration
    • Unknown
    • N/A

    Description

      When links are modified as part of a refactoring (e.g. a page rename) the document is saved using current author as metadata author. This might lead to privilege escalation and script right execution.

      Reproduction steps:

      • Create 2 users Foo without script right and Bar with script right
      • Login with Foo
      • Create a page P1
      • Create a page P2 with a MovieClass xobject
      • In the "poster" field of the xobject put a link to P1 and a velocity script
      • Login with Bar and rename P1 to P3

      Expected result:

      • P2 gets a new version and its link is refactored, the history shows that Bar performed the refactoring, but the velocity script remain not executed

      Obtained result:

      • P2 gets a new version and its link is refactored, the history shows that Bar performed the refactoring, but the velocity script is executed

      Attachments

        Issue Links

          is caused by

          Bug - A problem which impairs or prevents the functions of the product. XWIKI-13401 XWikiGuest is set as author when renaming a page and updating the relative links

          • Major - Major loss of function.
          • Closed

          Activity

            People

              surli Simon Urli
              surli Simon Urli
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: