[ https://issues.apache.org/jira/browse/JSPWIKI-1140?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17429579#comment-17429579 ]

ASF subversion and git services commented on JSPWIKI-1140:
----------------------------------------------------------

Commit d231ea0a085b9c5da10a053d0fb30f745f4adaef in jspwiki's branch 
refs/heads/master from Juan Pablo Santos Rodríguez
[ https://gitbox.apache.org/repos/asf?p=jspwiki.git;h=d231ea0 ]

JSPWIKI-1140: Autogenerate changenote on page comments


> Autogenerate changenote on page comments
> ----------------------------------------
>
>                 Key: JSPWIKI-1140
>                 URL: https://issues.apache.org/jira/browse/JSPWIKI-1140
>             Project: JSPWiki
>          Issue Type: Task
>          Components: Core & storage
>    Affects Versions: 2.11.0-M8
>         Environment: Windows new version
> Firefox version 84.0.1
>            Reporter: Nguyen Dang Khai
>            Priority: Minor
>             Fix For: 2.11.0
>
>         Attachments: wiki.mp4
>
>
> In the comment function, users can impersonate other users to leave comments.
> Vulnerable code is *line 86* in *Comment.jsp* :
> {code:java}
> // String author  = TextUtil.replaceEntities( request.getParameter("author") );
> {code}
> Replace any *user* in parameter *author* to impersonate.
>  * Request :
> {code:java}
> POST /wikijsp_m8_war/Comment.jsp?page=Main HTTP/1.1
> Host: localhost:8080
>
> page=Main&action=save&encodingcheck=%E3%81%81&xnfull=1608888733842&submit_auth=&ok=&changenote=&author=dangkhai&link=&_editedtext=n%C3%A2nna%0D%0A
> {code}



--
This message was sent by Atlassian Jira
(v8.3.4#803005)
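
One way to close the gap described in the report, as an added example that is not JSPWiki's code and not the committed fix: take the comment author from the server-side session and treat the `author` request parameter as untrusted input. `CommentAuthorResolver`, `resolveAuthor` and the `registered` account set are hypothetical names, and the sample data is constructed.

```java
import java.security.Principal;
import java.util.Map;
import java.util.Set;

// Added example: hypothetical helper, not part of JSPWiki.
public class CommentAuthorResolver {

    /**
     * Decide which name is stored with a comment.
     *
     * @param authenticated identity established by the server-side session,
     *                      or null for an anonymous visitor
     * @param params        request parameters as sent by the client (untrusted)
     * @param registered    login names of existing accounts (assumed lookup)
     */
    static String resolveAuthor(Principal authenticated,
                                Map<String, String> params,
                                Set<String> registered) {
        if (authenticated != null) {
            // Logged-in user: the session identity wins and the
            // client-supplied "author" parameter is ignored entirely.
            return authenticated.getName();
        }
        String claimed = params.getOrDefault("author", "").trim();
        if (claimed.isEmpty()) {
            return "anonymous";
        }
        // An anonymous visitor may choose a display name, but never one
        // that belongs to an existing account.
        for (String name : registered) {
            if (name.equalsIgnoreCase(claimed)) {
                throw new SecurityException("author name belongs to a registered account");
            }
        }
        return claimed;
    }

    public static void main(String[] args) {
        Set<String> registered = Set.of("dangkhai", "admin"); // constructed sample accounts
        Map<String, String> forged = Map.of("author", "dangkhai", "action", "save");
        Principal alice = () -> "alice"; // stands in for a logged-in session

        System.out.println(resolveAuthor(alice, forged, registered));
        System.out.println(resolveAuthor(null, Map.of("author", "guest42"), registered));
        try {
            resolveAuthor(null, forged, registered);
        } catch (SecurityException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```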
