https://bugzilla.wikimedia.org/show_bug.cgi?id=51801
Web browser: ---
Bug ID: 51801
Summary: Upload Wizard exploitable with evil filenames
Product: MediaWiki extensions
Version: unspecified
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: Unprioritized
Component: UploadWizard
Assignee: [email protected]
Reporter: [email protected]
CC: [email protected], [email protected],
[email protected], [email protected]
Classification: Unclassified
Mobile Platform: ---
Linux is very permissive with its file names (compared to Windows). I was able
to create a file with the following name:
<a onmouseover="alert('XSS')">abc</a>test.png
Then I uploaded this file, and when hovering over the title, an XSS alert is shown.
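
The class of flaw reported above, as an added example that is not part of the original bug mail and is not UploadWizard's code: a filename concatenated into markup unescaped, next to the same rendering with the filename HTML-encoded. The function names and the `upload-title` markup are assumptions made for illustration; the filename is the one from the report.

```javascript
// Added illustration; function names and markup are hypothetical,
// not UploadWizard's API or templates.

// Filename from the report (a legal name on Linux filesystems).
const reportedName = `<a onmouseover="alert('XSS')">abc</a>test.png`;

const HTML_ESCAPES = {
  '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;'
};

// Encode every character that can open a tag, end a quoted attribute
// value or start an entity.
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Unsafe pattern (assumed): the filename goes into the markup as-is,
// so the browser parses it as HTML.
function renderTitleUnsafe(filename) {
  return '<span class="upload-title" title="' + filename + '">' +
    filename + '</span>';
}

// Hardened pattern: the filename is encoded for both the attribute
// value and the element body, so it is displayed as literal text.
function renderTitleSafe(filename) {
  const safe = escapeHtml(filename);
  return '<span class="upload-title" title="' + safe + '">' +
    safe + '</span>';
}

// Crude regression check (not an HTML parser): list any tag in the
// output other than the wrapper <span> the renderer itself emits.
function extraTags(markup) {
  return (markup.match(/<\/?[a-z][^>]*>/gi) || [])
    .filter((tag) => !/^<\/?span\b/i.test(tag));
}

console.log('unsafe, injected tags:', extraTags(renderTitleUnsafe(reportedName)));
console.log('safe output:', renderTitleSafe(reportedName));
```

In browser code the equivalent fix is to assign the filename through `textContent` or jQuery's `.text()` rather than `innerHTML` or `.html()`.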