cc29610abb
MoinMoin "refuri" Cross-Site Scripting Vulnerability Note that 'rst' is not the default parser, but available if docutils are installed. For more information see http://moinmo.in/SecurityFixes
21 lines
1002 B
Plaintext
21 lines
1002 B
Plaintext
$OpenBSD: patch-MoinMoin_parser_text_rst_py,v 1.1 2011/03/07 18:38:06 jasper Exp $
|
|
|
|
Security fix for CVE-2011-1058,
|
|
MoinMoin "refuri" Cross-Site Scripting Vulnerability
|
|
|
|
Patch from upstream Mercurial:
|
|
http://hg.moinmo.in/moin/1.9/rev/97208f67798f
|
|
|
|
--- MoinMoin/parser/text_rst.py.orig Mon Mar 7 19:35:58 2011
|
|
+++ MoinMoin/parser/text_rst.py Mon Mar 7 19:36:02 2011
|
|
@@ -391,6 +391,9 @@ class MoinTranslator(html4css1.HTMLTranslator):
|
|
# for images with targets).
|
|
if not [i for i in node.children if i.__class__ == docutils.nodes.image]:
|
|
node['classes'].append('interwiki')
|
|
+ elif prefix == 'javascript':
|
|
+ # is someone trying to do XSS with javascript?
|
|
+ node['refuri'] = 'javascript:alert("it does not work")'
|
|
elif prefix != '':
|
|
# Some link scheme (http, file, https, mailto, etc.), add class
|
|
# information if the reference doesn't have a child image (don't
|