I think I have a fix for the Swiki cross-server scripting vulnerability. Take the attached file "13" and drop it into ComSwiki/swiki/default/actions. This changes the definition of <?url?> so that '<' and '>' are escaped. Because of the way that Swiki loosely couples meanings like <?url?> and filenames like "13," I have only tested this with the "OneOfTheseDays" release of Swiki.
What I'm patching is changing how "not found" errors are generated. Currently: http://swikiServerName/<h1>BOO!</h1> will INTERPRET that HTML after the servername in the URL. With this fix, you instead see <h1>BOO!</h1> on the page -- the angle brackets are escaped.

Please try it out (make a copy of your existing "13" first! :-), and do let us know if you find any problems.

Thanks!
Mark
13
Description: 13
_______________________________________________
Pws mailing list
Pws@cc.gatech.edu
https://mailman.cc.gatech.edu/mailman/listinfo/pws
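The behaviour described in the message, as an added example that is not part of the original post and is not the contents of the attached "13": a Python stand-in for the "not found" page before the fix, with the fix as described ('<' and '>' escaped), and with a stricter variant that also escapes '&' and quotes. All function names are hypothetical, and the assumption that the server percent-decodes the path before echoing it is mine.

```python
import html
from urllib.parse import unquote

PROBE = "/<h1>BOO!</h1>"                 # the test URL path from the message
PROBE_ENCODED = "/%3Ch1%3EBOO!%3C/h1%3E"  # same path as a browser may send it

PREFIX, SUFFIX = "<p>Not found: ", "</p>"


def _requested_name(raw_path):
    """Decode the path the way a server would before echoing it (assumption)."""
    return unquote(raw_path.lstrip("/"))


def page_unpatched(raw_path):
    """Before the fix: the requested name is echoed into the page as-is."""
    return PREFIX + _requested_name(raw_path) + SUFFIX


def escape_angle_only(text):
    """The fix as the message describes it: escape '<' and '>' only."""
    return text.replace("<", "&lt;").replace(">", "&gt;")


def page_patched(raw_path):
    """After the fix: angle brackets reach the browser as entities."""
    return PREFIX + escape_angle_only(_requested_name(raw_path)) + SUFFIX


def page_full_escape(raw_path):
    """Stricter variant: also escapes '&' and quotes, so the value stays
    inert if a template ever places it inside an attribute."""
    return PREFIX + html.escape(_requested_name(raw_path), quote=True) + SUFFIX


def reflects_markup(render, raw_path):
    """Regression check: True if a '<' or '>' from the request survives
    unescaped in the echoed part of the page."""
    echoed = render(raw_path)[len(PREFIX):-len(SUFFIX)]
    return "<" in echoed or ">" in echoed


if __name__ == "__main__":
    for render in (page_unpatched, page_patched, page_full_escape):
        for path in (PROBE, PROBE_ENCODED):
            print(render.__name__, path, reflects_markup(render, path))
```

Running the check against both the literal and the percent-encoded form of the path matters because the encoded form is what usually arrives on the wire.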