[pmwiki-users] SelectQuery recipe critical vulnerability
Petko Yotov
5ko at 5ko.fr
Tue Jul 4 12:42:50 PDT 2023
I have found today that the Cookbook:SelectQuery recipe has at least 2
separate critical code injection vulnerabilities.
If you use this recipe on your wiki, you MUST restrict editing ASAP to
trusted editors only, please.
Both vulnerabilities are in the "ternary logic" markup of the recipe.
One allows calling arbitrary PHP commands, the other executing
shell/system commands or programs.
If you don't use the ternary logic operator, you can add to config.php,
before including the recipe, a line such as this:
DisableMarkup('ternarylogic');
There is no other fix at the moment, and we are considering our options,
as some wikis rely heavily on the ternary logic and it may be difficult
to disable or refactor this feature.
If you have any questions, please let me know, either here on the list,
or privately.
Petko
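For anyone wondering how the two mitigations above fit together in practice, here is an example config.php fragment. It is an added illustration, not code from the SelectQuery recipe or from Petko's message; the include path of the recipe and the password value are assumptions, so adapt them to your farm/wiki layout. The ordering matters: DisableMarkup() must run before the recipe file is included, otherwise the recipe registers the ternary-logic markup after it has been disabled.

```php
<?php if (!defined('PmWiki')) exit();
## local/config.php (example; not part of the recipe)

## 1. Restrict editing to trusted editors only, as the advisory asks.
##    The plaintext password here is an assumed placeholder; pmcrypt()
##    is PmWiki's standard helper for storing a hashed password.
$DefaultPasswords['edit'] = pmcrypt('change-this-to-a-strong-secret');

## 2. If your pages do not use the ternary-logic operator, disable that
##    markup BEFORE the recipe is loaded, so the vulnerable rule never
##    becomes active.
DisableMarkup('ternarylogic');

## 3. Only now include the recipe. The path below is an assumption; use
##    wherever you actually keep selectquery.php.
include_once("$FarmD/cookbook/selectquery.php");
```

A quick way to confirm the order is right on an existing wiki is to search config.php (and any farmconfig.php or per-group customisation that loads the recipe) for the include line and check that no include of the recipe appears above the DisableMarkup() call. If the recipe is loaded from farmconfig.php, the DisableMarkup() call must go there instead, since farmconfig.php runs first.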