Date: Fri, 26 Sep 2014 13:20:18 +0200 From: Hanno Böck <hanno@...eck.de> To: oss-security@...ts.openwall.com Subject: CVE request: Mediawiki before 1.19.19, 1.22.11 and 1.23.4 insufficient CSS filtering of SVGs Hi, I know, I know, this is not a "the internet is on fire"-style vuln :-) However, can we please get a CVE for this: https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-September/000161.html * (bug 69008) SECURITY: Enhance CSS filtering in SVG files. Filter <style> elements; normalize style elements and attributes before filtering; add checks for attributes that contain css; add unit tests for html5sec and reported bugs. If anyone wants to discuss if this is a real vulnerability, I think it is: Including malicious CSS by less-privileged users could lead to UI manipulation which could cause a more-privileged user to do actions like giving the less-prived user more privs. Upstream Bug: https://bugzilla.wikimedia.org/show_bug.cgi?id=69008 Code commit: https://gerrit.wikimedia.org/r/#/c/162777/ Please assign a CVE. cu, -- Hanno Böck http://hboeck.de/ mail/jabber: hanno@...eck.de GPG: BBB51E42 Download attachment "signature.asc" of type "application/pgp-signature" (820 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.