mirror of
https://github.com/BookStackApp/BookStack.git
synced 2024-10-01 01:36:00 -04:00
7224fbcc89
- Files within the storage/ path could be accessed via path traversal
references in content, accessed upon HTML export.
- This addresses this via two layers:
- Scoped local flysystem filesystems down to the specific image &
file folders since flysystem has built-in checking against the
escaping of the root folder.
- Added path normalization before enforcement of uploads/{images,file}
prefix to prevent traversal at a path level.
Thanks to @Haxatron via huntr.dev for discovery and reporting.
Ref: https://huntr.dev/bounties/ac268a17-72b5-446f-a09a-9945ef58607a/
|
||
|---|---|---|
| .. | ||
| Actions | ||
| Api | ||
| Auth | ||
| Config | ||
| Console | ||
| Entities | ||
| Exceptions | ||
| Facades | ||
| Http | ||
| Interfaces | ||
| Notifications | ||
| Providers | ||
| Settings | ||
| Theming | ||
| Traits | ||
| Translation | ||
| Uploads | ||
| Util | ||
| Application.php | ||
| helpers.php | ||
| Model.php | ||