1
0
Fork 0
mirror of https://github.com/sbrl/Pepperminty-Wiki.git synced 2024-11-22 04:23:01 +00:00

Bugfix: Fix stored XSS attack - ref CVE-2021-38600

See https://github.com/hmaverickadams/CVE-2021-38600

For some reason the author did not think ti wise to let me know 
privately first - instead publicly announcing it via a GitHub repo..... 
sigh.

In addition, is this *really* a vulnerability? Since Pepperminty Wiki 
requires the site secret to set it up, I can't see that this has a real 
impact.

Still, I'll fix it anyway.....
This commit is contained in:
Starbeamrainbowlabs 2021-09-02 20:54:06 +01:00
parent fab1b52882
commit 0a77065c3f
Signed by: sbrl
GPG key ID: 1BE5172E637709C2
2 changed files with 2 additions and 1 deletions

View file

@ -21,6 +21,7 @@ This file holds the changelog for Pepperminty Wiki. This is the master list of t
## Fixed
- [security] Fixed some potential XSS attacks in the page editor
- [security] Fix stored XSS attack in the wiki name via the first run wizard [CVE-2021-38600](https://github.com/hmaverickadams/CVE-2021-38600); low severity since it requires the site secret to do the initial setup & said initial setup can only be performed once
- Fixed a weird bug in the `stats-update` action causing warnings
- search: Properly apply weightings of matches in page titles and tags
- Improved error handling on first run where the PHP Zip extension is not installed

View file

@ -204,7 +204,7 @@ register_module([
// Apply the settings
$settings->firstrun_complete = true;
$settings->sitename = $_POST["wiki-name"];
$settings->sitename = htmlentities($_POST["wiki-name"]);
$settings->data_storage_dir = $_POST["data-dir"];
if(!save_settings()) {