[checkmk-commits] 6610 SEC Fixed possible XSS using the dokuwiki snapin

Module: check_mk Branch: master Commit: ae7bfc05258302905f95bc553f595fb10bd7fd4a URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=ae7bfc05258302… Author: Lars Michelsen <lm(a)mathias-kettner.de> Date: Thu Sep 13 20:32:35 2018 +0200 6610 SEC Fixed possible XSS using the dokuwiki snapin The content of the DokuWiki page named "sidebar" was inserted into the DokuWiki view of Check_MK, but was is not correctly sanitized. This can only be done by an administrator of the page, but every user who can access the DokuWiki view was affected by the vulnerability. Change-Id: I6c36e9d0459465257f840a2b6220f775c9d23541 --- .werks/6610 | 13 +++++++++++++ cmk/gui/plugins/sidebar/shipped.py | 2 +- 2 files changed, 14 insertions(+), 1 deletion(-) diff --git a/.werks/6610 b/.werks/6610 new file mode 100644 index 0000000..32804e9 --- /dev/null +++ b/.werks/6610 @@ -0,0 +1,13 @@ +Title: Fixed possible XSS using the dokuwiki snapin +Level: 1 +Component: multisite +Compatible: compat +Edition: cre +Version: 1.6.0i1 +Date: 1536863484 +Class: security + +The content of the DokuWiki page named "sidebar" was inserted into the DokuWiki +view of Check_MK, but was is not correctly sanitized. This can only be done by +an administrator of the page, but every user who can access the DokuWiki view +was affected by the vulnerability. diff --git a/cmk/gui/plugins/sidebar/shipped.py b/cmk/gui/plugins/sidebar/shipped.py index 58c2e85..cc30456 100644 --- a/cmk/gui/plugins/sidebar/shipped.py +++ b/cmk/gui/plugins/sidebar/shipped.py @@ -675,7 +675,7 @@ def render_wiki(): bulletlink(name, "/%s/wiki/doku.php?id=%s" % (config.omd_site(), link)) else: - html.write(line) + html.write_text(line) if ul_started == True: html.close_ul()