Details
- Bug
- Resolution: Fixed
- Medium
- 5.1.2
- None
- 4
Description
Both HtmlExporter.java and FileXmlExporter.java use the prepareExportFileName method inherited from AbstractExporterImpl.java to form the path for the zip file location (archivePath and zipFileName, respectively). That method includes the user-controlled space key[0] in the returned path, so both exporters are vulnerable to path traversal.
[0] Personal space keys are allowed to contain "." and "/" characters.
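The class of bug described above, shown as an added example that is not Confluence's code or its actual fix: a naive file-name builder beside a hardened one that allow-lists the key's characters and checks that the result stays inside the export directory. The class and method names, the `export-` prefix, the directory and the sample keys are all assumptions made for illustration.

```java
import java.io.IOException;
import java.nio.file.Path;
import java.nio.file.Paths;

public class SafeExportPath {

    // Naive form (hypothetical): the space key is concatenated straight into the
    // file name, so "/" and ".." in the key become real path segments.
    static Path naiveExportFile(Path exportDir, String spaceKey) {
        return exportDir.toAbsolutePath()
                .resolve("export-" + spaceKey + ".zip")
                .normalize();
    }

    // Hardened form (hypothetical): sanitise the key, then verify containment.
    static Path safeExportFile(Path exportDir, String spaceKey) throws IOException {
        if (spaceKey == null || spaceKey.isEmpty()) {
            throw new IOException("missing space key");
        }
        // Allow-list: anything other than letters, digits, "_", "-" and "~"
        // becomes "_", which removes ".", "/" and "\" from the file name.
        String safeKey = spaceKey.replaceAll("[^A-Za-z0-9_~-]", "_");

        Path base = exportDir.toAbsolutePath().normalize();
        Path candidate = base.resolve("export-" + safeKey + ".zip").normalize();

        // Defence in depth: Path.startsWith compares whole path components,
        // so a sibling such as "/var/exports-evil" does not pass for "/var/exports".
        if (!candidate.startsWith(base)) {
            throw new IOException("export path escapes " + base);
        }
        return candidate;
    }

    public static void main(String[] args) throws IOException {
        Path exportDir = Paths.get("/var/app/temp/exports");          // constructed
        String[] keys = {"DEV", "~jsmith", "~a/../../../../tmp/x"};   // constructed

        for (String key : keys) {
            Path naive = naiveExportFile(exportDir, key);
            boolean contained = naive.startsWith(exportDir.toAbsolutePath().normalize());
            System.out.println("key      : " + key);
            System.out.println("naive    : " + naive + (contained ? "" : "  <-- outside export dir"));
            System.out.println("hardened : " + safeExportFile(exportDir, key));
        }
    }
}
```

The containment check alone also stops the traversal; the allow-list additionally keeps keys from creating unexpected subdirectories inside the export directory.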
Issue Links
- is related to: CONFSERVER-33904 Put spacekey in filename of exported spaces (Closed)