CVE-2019-13915

b3log Wide before 1.6.0 allows three types of attacks to access arbitrary files. First, the attacker can write code in the editor, and compile and run it approximately three times to read an arbitrary file. Second, the attacker can create a symlink, and then place the symlink into a ZIP archive. An unzip operation leads to read access, and write access (depending on file permissions), to the symlink target. Third, the attacker can import a Git repository that contains a symlink, similarly leading to read and write access.

b3log Wide before 1.6.0 allows three types of attacks to access arbitrary files. First, the attacker can write code in the editor, and compile and run it approximately three times to read an arbitrary file. Second, the attacker can create a symlink, and then place the symlink into a ZIP archive. An unzip operation leads to read access, and write access (depending on file permissions), to the symlink target. Third, the attacker can import a Git repository that contains a symlink, similarly leading to read and write access.

b3log Wide unauthenticated file access in github.com/b3log/wide

b3log Wide before 1.6.0 allows three types of attacks to access arbitrary files. First, the attacker can write code in the editor, and compile and run it approximately three times to read an arbitrary file. Second, the attacker can create a symlink, and then place the symlink into a ZIP archive. An unzip operation leads to read access, and write access (depending on file permissions), to the symlink target. Third, the attacker can import a Git repository that contains a symlink, similarly leading to read and write access.

b3log Wide antes de 1.6.0 permite que tres tipos de ataques accedan a archivos arbitrarios. Primero, el atacante puede escribir código en el editor, compilarlo y ejecutarlo aproximadamente tres veces para leer un archivo arbitrario. En segundo lugar, el atacante puede crear un enlace simbólico y luego colocar el enlace simbólico en un archivo ZIP. Una operación de descomprimir conduce al acceso de lectura y al acceso de escritura (según los permisos de archivo) al objetivo de enlace simbólico. En tercer lugar, el atacante puede importar un repositorio de Git que contenga un enlace simbólico, lo que, de manera similar, conduce al acceso de lectura y escritura.