This is the issue tracking system for DokuWiki. You may add bugs and feature wishes here.
Please post support requests and plugin wishes in the forum. Bug reports for plugins should be reported in the plugin's tracker linked from the plugin page.
To prevent spamming anonymous task adding had to be disabled.
Please post support requests and plugin wishes in the forum. Bug reports for plugins should be reported in the plugin's tracker linked from the plugin page.
To prevent spamming anonymous task adding had to be disabled.
FS#1847 - show outside directory
Attached to Project:
DokuWiki
Opened by white (white_sheep) - Wednesday, 13 January 2010, 02:12 GMT+2
Last edited by Andreas Gohr (andi) - Wednesday, 13 January 2010, 18:53 GMT+2
Opened by white (white_sheep) - Wednesday, 13 January 2010, 02:12 GMT+2
Last edited by Andreas Gohr (andi) - Wednesday, 13 January 2010, 18:53 GMT+2
|
Detailshello, i found this bug that show me outside directory. A PoC is: http://localhost/plugins/acl/ajax.php?ajax=tree&ns=../pages/ please fix asap i will publish it after 30 days from now. if you need more information contact me. regards white_sheep - IHTeam Staff |
This task depends upon
Closed by Andreas Gohr (andi)
Wednesday, 13 January 2010, 18:53 GMT+2
Reason for closing: Fixed
Additional comments about closing: fixed in 2009-12-25b
Wednesday, 13 January 2010, 18:53 GMT+2
Reason for closing: Fixed
Additional comments about closing: fixed in 2009-12-25b
A hotfix named 2009-12-25b was released and can be downloaded at http://www.splitbrain.org/go/dokuwiki
If you want to manually fix the flaw, replace the ACL Manager plugin in lib/plugins/acl/ with the version available at http://www.dokuwiki.org/_media/plugin:acl-plugin.tgz and increase the number in conf/msg to 24.
FS#1853