mahara-contributors team mailing list archive
Message #60990
[Bug 1888163] Re: Security issue: File / folder name not being escaped correctly in filebrowser
** Changed in: mahara
Milestone: 20.10.0 => None
https://bugs.launchpad.net/bugs/1888163
Title:
Security issue: File / folder name not being escaped correctly in
filebrowser
Status in Mahara:
Fix Released
Status in Mahara 19.04 series:
Fix Released
Status in Mahara 19.10 series:
Fix Released
Status in Mahara 20.04 series:
Fix Released
Status in Mahara 20.10 series:
Fix Released
Bug description:
In your browser with the debug console visible to see JavaScript output
Have a site and go to the Create -> Files page
Upload an image and then edit it and change the
  name: Image<script>console.log('bad name!');</script>one
  description: This is Image<script>console.log('bad description!');</script>one description
Create a new folder called:
  Folder<script>console.log('bad folder!');</script>one
Go into the new folder and upload another file
Problem 1: you see 'bad folder!' in the console bar
Create a page and add an image block to the page and select the image with bad name
Problem 2: you see 'bad name!' in the console bar
Save block and then edit it again
Problem 3: you see 'bad name!' in the console bar again
Add the folder block to the page
Problem 4: you see 'bad folder!' in the console bar
To manage notifications about this bug go to:
https://bugs.launchpad.net/mahara/+bug/1888163/+subscriptions
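
The four problems in the report are the same file and folder names reaching four different render points unescaped. The following is an added example, not Mahara's code or its fix: a tagged template that HTML-escapes every interpolated value so each render point is covered by default. The row markup, field names and function names are hypothetical; the sample names are the ones from the reproduction steps.

```javascript
// Added example, not Mahara code: escape user-controlled file and folder
// names at every place they are rendered. Markup and field names are assumed.
const ESC = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => ESC[ch]);
}

// html`...${x}...`: literal parts pass through, interpolations are escaped.
function html(strings, ...values) {
  return strings.reduce(
    (out, part, i) => out + part + (i < values.length ? escapeHtml(values[i]) : ''),
    ''
  );
}

// Unescaped rendering, the pattern the report describes: the name becomes markup.
function renderRowUnsafe(item) {
  return `<li class="${item.type}" title="${item.description}">${item.name}</li>`;
}

// Same row with every user-controlled field encoded for HTML text and attributes.
function renderRowSafe(item) {
  return html`<li class="${item.type}" title="${item.description}">${item.name}</li>`;
}

// Constructed sample data using the names from the reproduction steps.
const sampleItems = [
  { type: 'file', name: "Image<script>console.log('bad name!');</script>one",
    description: "This is Image<script>console.log('bad description!');</script>one description" },
  { type: 'folder', name: "Folder<script>console.log('bad folder!');</script>one",
    description: '' },
];

// True when the rendered markup still contains a live <script> tag.
function hasScriptTag(markup) {
  return /<script\b/i.test(markup);
}

// Render each item both ways and report which output still carries a script tag.
function auditRows(items) {
  return items.map((item) => ({
    name: item.name,
    unsafe: hasScriptTag(renderRowUnsafe(item)),
    safe: hasScriptTag(renderRowSafe(item)),
  }));
}

console.log(auditRows(sampleItems));
```
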