J4 Issue ?
PhilETaylor
12 May 2018

Steps to reproduce the issue

In Media Manager, try to rename a file to

`"'><img src=xxx:x \x00onerror=javascript:alert(1)> </style &#32;><script &#32; :-(>/**/alert(document.location)/**/</script &#32; :-(

Expected result

Error message from the ajax is captured and displayed

Actual result

Just "Internal Server Error" is displayed in the error message when there is a more descriptive message in the JSON response


System information (as much as possible)

Joomla! 4.0.0-alpha3 Alpha [ Amani ] 12-May-2018 15:23 GMT

Additional comments

PhilETaylor - open - 12 May 2018
joomla-cms-bot - change - 12 May 2018
Labels Added: ?
joomla-cms-bot - labeled - 12 May 2018
PhilETaylor - comment - 12 May 2018

@joomla/security Might need a review of this....

franz-wohlkoenig - change - 13 May 2018
Category com_media UI/UX
franz-wohlkoenig - change - 13 May 2018
Status: New → Discussion
PhilETaylor - change - 13 May 2018
The description was changed
PhilETaylor - edited - 13 May 2018
brianteeman - change - 13 May 2018
Labels Added: ?
brianteeman - labeled - 13 May 2018
brianteeman - change - 13 May 2018
Labels Removed: ?
brianteeman - unlabeled - 13 May 2018
brianteeman - change - 13 May 2018
Labels Added: J4 Issue
brianteeman - labeled - 13 May 2018
laoneo - comment - 25 May 2018

I was playing around a bit with this issue. The problem is that JFile and JFolder do not return proper messages and error codes (see #20438 for more details). I'm also not sure if we should expose the exception message in the client (even add it in the response).

laoneo - comment - 25 May 2018

Would end up then like this (image) with the code https://github.com/joomla-projects/media-manager-improvement/compare/rename?expand=1. But honestly I'm not really happy with it at all, as we can't detect if there is a server error or a permission exception when a file can't be moved.
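
The display problem discussed in this thread, as an added example that is not part of the original issue or of Joomla's code: a client-side handler that prefers the descriptive message from the JSON error body over the bare HTTP status text, and escapes it before it reaches the page, since the message may echo the attempted file name. The function names, the `{"success": false, "message": "..."}` body shape and the CSS classes are assumptions.

```javascript
// Added example: function names, response shape and CSS classes are assumed.

// Escape the five HTML-significant characters so text can be placed in markup.
function escapeHtml(text) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(text).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Pick the most descriptive message from a failed AJAX response.
// Assumed body shape: {"success": false, "message": "..."}.
function extractErrorMessage(statusText, rawBody) {
  const fallback = statusText || 'Unknown error';
  let parsed;
  try {
    parsed = JSON.parse(rawBody);
  } catch (e) {
    return fallback; // body was not JSON (for example an HTML error page)
  }
  if (parsed === null || typeof parsed !== 'object') return fallback;
  const msg = parsed.message;
  if (typeof msg !== 'string' || msg.trim() === '') return fallback;
  // Drop control characters (such as NUL) and cap the length.
  return msg.replace(/[\u0000-\u001f\u007f]/g, '').slice(0, 300);
}

// Build the notification markup; the message is always escaped.
function renderErrorNotification(statusText, rawBody) {
  const message = extractErrorMessage(statusText, rawBody);
  return '<div class="alert alert-danger" role="alert">' + escapeHtml(message) + '</div>';
}

// Constructed sample: the server echoes the rejected file name from the issue.
const sampleName = '`"\'><img src=xxx:x \\x00onerror=javascript:alert(1)> </style &#32;>'
  + '<script &#32; :-(>/**/alert(document.location)/**/</script &#32; :-(';
const sampleBody = JSON.stringify({
  success: false,
  message: 'Could not rename file to ' + sampleName,
});

console.log(renderErrorNotification('Internal Server Error', sampleBody));
console.log(renderErrorNotification('Internal Server Error', '<html>500</html>'));
```

In a browser, assigning the extracted message to an element's `textContent` gives the same result without manual escaping.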

PhilETaylor - change - 10 Feb 2019
Status: Discussion → Closed
Closed_Date: 0000-00-00 00:00:00 → 2019-02-10 21:34:03
Closed_By: PhilETaylor
PhilETaylor - close - 10 Feb 2019
wilsonge - change - 21 Mar 2019
Labels Added: ?
wilsonge - labeled - 21 Mar 2019
wilsonge - change - 20 Feb 2021
Labels Removed: ?
wilsonge - unlabeled - 20 Feb 2021
