• Do not register here on develop.twiki.org, login with your twiki.org account.
• Use
Item7848 for generic doc work for TWiki-6.1.1. Use Item7851 for doc work on extensions that are not part of a release. More... Close
• Anything you create or change in standard webs (Main, TWiki, Sandbox etc) will be automatically reverted on every SVN update.
• Does this site look broken?. Use the LitterTray web for test cases.
• Use
Item7848 for generic doc work for TWiki-6.1.1. Use Item7851 for doc work on extensions that are not part of a release. More... Close • Anything you create or change in standard webs (Main, TWiki, Sandbox etc) will be automatically reverted on every SVN update.
• Does this site look broken?. Use the LitterTray web for test cases.
Item6351: No input validation when adding a new tag
Item Form Data
| AppliesTo: | Component: | Priority: | CurrentState: | WaitingFor: | TargetRelease | ReleasedIn |
|---|---|---|---|---|---|---|
| Extension | TagMePlugin | Normal | Closed | n/a |
Edit Form Data
Detail
Joona Kannisto sent this by e-mail:
> Hi
> I looked TagMePlugin page on twiki.org and came to understanding that you're primary
> maintainers of TagMePlugin. I'm developing a small TWiki plugin as a part of my studies. To get
> a better understanding how Twiki plugins work I was looking at the TagMePlugin's way to handle
> user input and discovered that it doesn't properly validate it.
> For example typing url:
> "http://yourtwikihost/cgi-bin/twiki/view/Main/TWikiUsers?tpaction=add;tag=<blink>partyhard;tagmode="
> yields interesting results. Manually typing urlparameters bypasses the need for authentication so
> that you can tag any topic you are allowed to read (even with user 'guest') and you can use any tag
> you like, it doesn't even have to exist.
>
> Yours,
> Joona Kannisto
-- TWiki:Main/PeterThoeny
- 20 Oct 2009
This is now fixed.
Docs are updated as well. Also removed the uninviting warning on top of the topic to not edit the page.
-- TWiki:Main.PeterThoeny - 25 Oct 2009
Re-opened to fix packaging issue. Also merged to 4.3 branch since this plugin is part of the TWiki release.
-- TWiki:Main.PeterThoeny - 27 Oct 2009
> I looked TagMePlugin page on twiki.org and came to understanding that you're primary
> maintainers of TagMePlugin. I'm developing a small TWiki plugin as a part of my studies. To get
> a better understanding how Twiki plugins work I was looking at the TagMePlugin's way to handle
> user input and discovered that it doesn't properly validate it.
> For example typing url:
> "http://yourtwikihost/cgi-bin/twiki/view/Main/TWikiUsers?tpaction=add;tag=<blink>partyhard;tagmode="
> yields interesting results. Manually typing urlparameters bypasses the need for authentication so
> that you can tag any topic you are allowed to read (even with user 'guest') and you can use any tag
> you like, it doesn't even have to exist.
>
> Yours,
> Joona Kannisto
-- TWiki:Main/PeterThoeny
- 20 Oct 2009
This is now fixed.
Docs are updated as well. Also removed the uninviting warning on top of the topic to not edit the page.
-- TWiki:Main.PeterThoeny - 25 Oct 2009
Re-opened to fix packaging issue. Also merged to 4.3 branch since this plugin is part of the TWiki release.
-- TWiki:Main.PeterThoeny - 27 Oct 2009
| ItemTemplate | |
|---|---|
| Summary | No input validation when adding a new tag |
| ReportedBy |
TWiki:Main.PeterThoeny
|
| Codebase | 4.3.2, ~twiki4 |
| SVN Range | TWiki-5.0.0, Sun, 27 Sep 2009, build 18153 |
| AppliesTo | Extension |
| Component | TagMePlugin |
| Priority | Normal |
| CurrentState | Closed |
| WaitingFor | |
| Checkins |
TWikirev:18183 TWikirev:18196 TWikirev:18197
|
| TargetRelease | n/a |
| ReleasedIn | |
Topic revision: r7 - 2009-10-27 - PeterThoeny
Site map
Bugs web
Create New Report
Index
Search
Detailed Items Query
Changes
100
Notifications
RSS Feed
Statistics
Preferences
Bugs 
Items by urgency
My Reports
Recently Closed
Extensions
By Status 
Waiting for Feedback
Confirmed
Being Worked On
Waiting for Release
No Action Required
Lima 
Fixes for Rel.Notes
Create Feature Request
Account 
Copyright © 2008-2023 by the contributing authors. All material on this collaboration platform is the property of the contributing authors. Ideas, requests, problems regarding TWiki? Send feedback