Module: check_mk
Branch: master
Commit: ae7bfc05258302905f95bc553f595fb10bd7fd4a
URL:
http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=ae7bfc05258302…
Author: Lars Michelsen <lm(a)mathias-kettner.de>
Date: Thu Sep 13 20:32:35 2018 +0200
6610 SEC Fixed possible XSS using the dokuwiki snapin
The content of the DokuWiki page named "sidebar" was inserted into the DokuWiki
view of Check_MK, but was not correctly sanitized. This can only be done by
an administrator of the page, but every user who can access the DokuWiki view
was affected by the vulnerability.
Change-Id: I6c36e9d0459465257f840a2b6220f775c9d23541
---
.werks/6610 | 13 +++++++++++++
cmk/gui/plugins/sidebar/shipped.py | 2 +-
2 files changed, 14 insertions(+), 1 deletion(-)
diff --git a/.werks/6610 b/.werks/6610
new file mode 100644
index 0000000..32804e9
--- /dev/null
+++ b/.werks/6610
@@ -0,0 +1,13 @@
+Title: Fixed possible XSS using the dokuwiki snapin
+Level: 1
+Component: multisite
+Compatible: compat
+Edition: cre
+Version: 1.6.0i1
+Date: 1536863484
+Class: security
+
+The content of the DokuWiki page named "sidebar" was inserted into the
DokuWiki
+view of Check_MK, but was is not correctly sanitized. This can only be done by
+an administrator of the page, but every user who can access the DokuWiki view
+was affected by the vulnerability.
diff --git a/cmk/gui/plugins/sidebar/shipped.py b/cmk/gui/plugins/sidebar/shipped.py
index 58c2e85..cc30456 100644
--- a/cmk/gui/plugins/sidebar/shipped.py
+++ b/cmk/gui/plugins/sidebar/shipped.py
@@ -675,7 +675,7 @@ def render_wiki():
bulletlink(name, "/%s/wiki/doku.php?id=%s" %
(config.omd_site(), link))
else:
- html.write(line)
+ html.write_text(line)
if ul_started == True:
html.close_ul()
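Review bot: The escaping fix covers only the `else` branch; the link branch at the top of the hunk still interpolates `link` unencoded into the href `"/%s/wiki/doku.php?id=%s"`, and whether `bulletlink` attribute-escapes `name` and the URL is not visible here. If `name` and `link` are parsed from the same sidebar page content, which seems likely since they are emitted in the same loop, they deserve the same treatment as the plain lines: URL-encode `link` before formatting, e.g. `urllib.parse.quote(link)`, and confirm that `bulletlink` escapes both of its arguments before they reach the markup. A smaller style point: `if ul_started == True:` reads more naturally as `if ul_started:`. render_wiki starts before this hunk, so how `name` and `link` are derived from the page could not be checked.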