VYPR
High severity · NVD Advisory · Updated Aug 19, 2024

CVE-2024-43372

Affected packages

Versions sourced from the GitHub Security Advisory.

Package                                      Affected versions     Patched versions
ezsystems/ezplatform-richtext (Packagist)    >= 3.3.0, < 3.3.40    3.3.40

Patches (5)

dbe816f3ff4c

Fixed failing test for relative links

https://github.com/ezsystems/ezplatform-richtext · Gunnstein Lye · Aug 14, 2024 · via ghsa
3 files changed · +6 −5
  • src/lib/eZ/RichText/Resources/schemas/docbook/docbook.iso.sch  +2 −1  modified
    @@ -260,8 +260,9 @@
                           starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'ezlocation://') or
                           starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'ezremote://') or
                           starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'ezurl://') or
    +                      starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), '/') or
                           starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), '#')"
    -                mode="schematron-get-full-path-2">links must start with one of: http://, https://, mailto:, ezcontent://, ezlocation://, ezremote://, ezurl://, #</s:assert>
    +                mode="schematron-get-full-path-2">links must start with one of: http://, https://, mailto:, ezcontent://, ezlocation://, ezremote://, ezurl://, /, #</s:assert>
           <s:assert test="not(contains(@*[name()='xlink:href'], '&lt;') or
                               contains(@*[name()='xlink:href'], '&gt;') or
                               contains(@*[name()='xlink:href'], '&quot;'))"
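Review bot: the new `starts-with(..., '/')` branch also accepts hrefs that begin with `//`, so a scheme-relative link to another host passes an allowlist entry that was meant to admit site-relative paths only. If local paths are the intent, tighten the branch to `starts-with(translate(...), '/') and not(starts-with(translate(...), '//'))` and keep the message text in step with it.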
    
  • src/lib/eZ/RichText/Resources/schemas/docbook/docbook.iso.sch.xsl  +1 −1  modified
    @@ -79,7 +79,7 @@
     <axsl:template match="db:link" priority="1000" mode="M3"><svrl:fired-rule xmlns:svrl="http://purl.oclc.org/dsdl/svrl" context="db:link"/>
     
     		<!--ASSERT -->
    -<axsl:choose><axsl:when test="starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'http://') or                       starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'https://') or                       starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'mailto:') or                       starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'ezcontent://') or                       starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'ezlocation://') or                       starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'ezremote://') or                       starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'ezurl://') or                       starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), '#')"/><axsl:otherwise><svrl:failed-assert xmlns:svrl="http://purl.oclc.org/dsdl/svrl" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:schold="http://www.ascc.net/xml/schematron" test="starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'http://') or starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'https://') or starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'mailto:') or starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'ezcontent://') or starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'ezlocation://') or starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'ezremote://') or starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'ezurl://') or starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), '#')"><axsl:attribute name="location"><axsl:apply-templates select="." 
mode="schematron-get-full-path-2"/></axsl:attribute><svrl:text>links must start with one of: http://, https://, mailto:, ezcontent://, ezlocation://, ezremote://, ezurl://, #</svrl:text></svrl:failed-assert></axsl:otherwise></axsl:choose>
    +<axsl:choose><axsl:when test="starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'http://') or                       starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'https://') or                       starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'mailto:') or                       starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'ezcontent://') or                       starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'ezlocation://') or                       starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'ezremote://') or                       starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'ezurl://') or                       starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), '/') or                       starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), '#')"/><axsl:otherwise><svrl:failed-assert xmlns:svrl="http://purl.oclc.org/dsdl/svrl" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:schold="http://www.ascc.net/xml/schematron" test="starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'http://') or starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'https://') or starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'mailto:') or starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'ezcontent://') or starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'ezlocation://') or starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'ezremote://') or starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'ezurl://') or starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), '/') or starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), '#')"><axsl:attribute name="location"><axsl:apply-templates 
select="." mode="schematron-get-full-path-2"/></axsl:attribute><svrl:text>links must start with one of: http://, https://, mailto:, ezcontent://, ezlocation://, ezremote://, ezurl://, /, #</svrl:text></svrl:failed-assert></axsl:otherwise></axsl:choose>
     
     		<!--ASSERT -->
     <axsl:choose><axsl:when test="not(contains(@*[name()='xlink:href'], '&lt;') or                           contains(@*[name()='xlink:href'], '&gt;') or                           contains(@*[name()='xlink:href'], '&quot;'))"/><axsl:otherwise><svrl:failed-assert xmlns:svrl="http://purl.oclc.org/dsdl/svrl" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:schold="http://www.ascc.net/xml/schematron" test="not(contains(@*[name()='xlink:href'], '&lt;') or contains(@*[name()='xlink:href'], '&gt;') or contains(@*[name()='xlink:href'], '&quot;'))"><axsl:attribute name="location"><axsl:apply-templates select="." mode="schematron-get-full-path-2"/></axsl:attribute><svrl:text>using characters [&lt; &gt; "] in links is not allowed</svrl:text></svrl:failed-assert></axsl:otherwise></axsl:choose><axsl:apply-templates select="*|comment()|processing-instruction()" mode="M3"/></axsl:template><axsl:template match="text()" priority="-1" mode="M3"/><axsl:template match="@*|node()" priority="-2" mode="M3"><axsl:apply-templates select="*|comment()|processing-instruction()" mode="M3"/></axsl:template></axsl:stylesheet>
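Review bot: both copies of the test expression here, the one in `axsl:when` and the one duplicated into the `test` attribute of `svrl:failed-assert`, gain the `'/'` branch, so the compiled stylesheet matches the .sch. Because `starts-with(..., '/')` also matches `//`-prefixed hrefs, any later tightening of that branch in the schema should be regenerated into this file rather than patched into both copies by hand, or the two tests will drift apart.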
    
  • tests/lib/eZ/FieldType/RichTextTest.php  +3 −3  modified
    @@ -224,7 +224,7 @@ public function providerForTestValidate()
                     [
                         new ValidationError(
                             "Validation of XML content failed:\n" .
    -                        '/section/para/link: links must start with one of: http://, https://, mailto:, ezcontent://, ezlocation://, ezremote://, ezurl://, #',
    +                        '/section/para/link: links must start with one of: http://, https://, mailto:, ezcontent://, ezlocation://, ezremote://, ezurl://, /, #',
                             null,
                             [],
                             'xml'
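Review bot: only the expected error string changes in this provider entry; nothing added exercises a relative link. Given the commit title "Fixed failing test for relative links", add a provider entry whose `xlink:href` starts with `/` and is expected to validate, so the new allowlist branch is covered by a test rather than only reflected in the message text.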
    @@ -239,7 +239,7 @@ public function providerForTestValidate()
                     [
                         new ValidationError(
                             "Validation of XML content failed:\n" .
    -                        '/section/para/link: links must start with one of: http://, https://, mailto:, ezcontent://, ezlocation://, ezremote://, ezurl://, #',
    +                        '/section/para/link: links must start with one of: http://, https://, mailto:, ezcontent://, ezlocation://, ezremote://, ezurl://, /, #',
                             null,
                             [],
                             'xml'
    @@ -269,7 +269,7 @@ public function providerForTestValidate()
                     [
                         new ValidationError(
                             "Validation of XML content failed:\n" .
    -                        '/section/para/link: links must start with one of: http://, https://, mailto:, ezcontent://, ezlocation://, ezremote://, ezurl://, #',
    +                        '/section/para/link: links must start with one of: http://, https://, mailto:, ezcontent://, ezlocation://, ezremote://, ezurl://, /, #',
                             null,
                             [],
                             'xml'
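Review bot: the same expected-message literal is now repeated in three provider entries (hunks at 224, 239 and 269) and has been edited in lockstep across several commits on this page. Hoist it into one constant, or build it from a single list of allowed prefixes, so the next schema change touches one place and the three entries cannot diverge.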
    
2c652915625c

Fixed failing test for ezremote protocol

https://github.com/ezsystems/ezplatform-richtext · Gunnstein Lye · Aug 14, 2024 · via ghsa
3 files changed · +6 −5
  • src/lib/eZ/RichText/Resources/schemas/docbook/docbook.iso.sch  +2 −1  modified
    @@ -258,9 +258,10 @@
                           starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'mailto:') or
                           starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'ezcontent://') or
                           starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'ezlocation://') or
    +                      starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'ezremote://') or
                           starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'ezurl://') or
                           starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), '#')"
    -                mode="schematron-get-full-path-2">links must start with one of: http://, https://, mailto:, ezcontent://, ezlocation://, ezurl://, #</s:assert>
    +                mode="schematron-get-full-path-2">links must start with one of: http://, https://, mailto:, ezcontent://, ezlocation://, ezremote://, ezurl://, #</s:assert>
           <s:assert test="not(contains(@*[name()='xlink:href'], '&lt;') or
                               contains(@*[name()='xlink:href'], '&gt;') or
                               contains(@*[name()='xlink:href'], '&quot;'))"
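Review bot: `ezremote://` is the second internal scheme restored in a separate follow-up commit after the allowlist landed without it, and the message text has to be re-edited each time. Before merging, take the list of schemes the field type's link handling actually resolves (`ezcontent://`, `ezlocation://`, `ezremote://`, `ezurl://` appear across these patches) and land the complete allowlist once, so legitimate stored content is not rejected one scheme at a time.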
    
  • src/lib/eZ/RichText/Resources/schemas/docbook/docbook.iso.sch.xsl  +1 −1  modified
    @@ -79,7 +79,7 @@
     <axsl:template match="db:link" priority="1000" mode="M3"><svrl:fired-rule xmlns:svrl="http://purl.oclc.org/dsdl/svrl" context="db:link"/>
     
     		<!--ASSERT -->
    -<axsl:choose><axsl:when test="starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'http://') or                       starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'https://') or                       starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'mailto:') or                       starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'ezcontent://') or                       starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'ezlocation://') or                       starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'ezurl://') or                       starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), '#')"/><axsl:otherwise><svrl:failed-assert xmlns:svrl="http://purl.oclc.org/dsdl/svrl" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:schold="http://www.ascc.net/xml/schematron" test="starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'http://') or starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'https://') or starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'mailto:') or starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'ezcontent://') or starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'ezlocation://') or starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'ezurl://') or starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), '#')"><axsl:attribute name="location"><axsl:apply-templates select="." mode="schematron-get-full-path-2"/></axsl:attribute><svrl:text>links must start with one of: http://, https://, mailto:, ezcontent://, ezlocation://, ezurl://, #</svrl:text></svrl:failed-assert></axsl:otherwise></axsl:choose>
    +<axsl:choose><axsl:when test="starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'http://') or                       starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'https://') or                       starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'mailto:') or                       starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'ezcontent://') or                       starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'ezlocation://') or                       starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'ezremote://') or                       starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'ezurl://') or                       starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), '#')"/><axsl:otherwise><svrl:failed-assert xmlns:svrl="http://purl.oclc.org/dsdl/svrl" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:schold="http://www.ascc.net/xml/schematron" test="starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'http://') or starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'https://') or starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'mailto:') or starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'ezcontent://') or starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'ezlocation://') or starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'ezremote://') or starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'ezurl://') or starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), '#')"><axsl:attribute name="location"><axsl:apply-templates select="." 
mode="schematron-get-full-path-2"/></axsl:attribute><svrl:text>links must start with one of: http://, https://, mailto:, ezcontent://, ezlocation://, ezremote://, ezurl://, #</svrl:text></svrl:failed-assert></axsl:otherwise></axsl:choose>
     
     		<!--ASSERT -->
     <axsl:choose><axsl:when test="not(contains(@*[name()='xlink:href'], '&lt;') or                           contains(@*[name()='xlink:href'], '&gt;') or                           contains(@*[name()='xlink:href'], '&quot;'))"/><axsl:otherwise><svrl:failed-assert xmlns:svrl="http://purl.oclc.org/dsdl/svrl" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:schold="http://www.ascc.net/xml/schematron" test="not(contains(@*[name()='xlink:href'], '&lt;') or contains(@*[name()='xlink:href'], '&gt;') or contains(@*[name()='xlink:href'], '&quot;'))"><axsl:attribute name="location"><axsl:apply-templates select="." mode="schematron-get-full-path-2"/></axsl:attribute><svrl:text>using characters [&lt; &gt; "] in links is not allowed</svrl:text></svrl:failed-assert></axsl:otherwise></axsl:choose><axsl:apply-templates select="*|comment()|processing-instruction()" mode="M3"/></axsl:template><axsl:template match="text()" priority="-1" mode="M3"/><axsl:template match="@*|node()" priority="-2" mode="M3"><axsl:apply-templates select="*|comment()|processing-instruction()" mode="M3"/></axsl:template></axsl:stylesheet>
    
  • tests/lib/eZ/FieldType/RichTextTest.php  +3 −3  modified
    @@ -224,7 +224,7 @@ public function providerForTestValidate()
                     [
                         new ValidationError(
                             "Validation of XML content failed:\n" .
    -                        '/section/para/link: links must start with one of: http://, https://, mailto:, ezcontent://, ezlocation://, ezurl://, #',
    +                        '/section/para/link: links must start with one of: http://, https://, mailto:, ezcontent://, ezlocation://, ezremote://, ezurl://, #',
                             null,
                             [],
                             'xml'
    @@ -239,7 +239,7 @@ public function providerForTestValidate()
                     [
                         new ValidationError(
                             "Validation of XML content failed:\n" .
    -                        '/section/para/link: links must start with one of: http://, https://, mailto:, ezcontent://, ezlocation://, ezurl://, #',
    +                        '/section/para/link: links must start with one of: http://, https://, mailto:, ezcontent://, ezlocation://, ezremote://, ezurl://, #',
                             null,
                             [],
                             'xml'
    @@ -269,7 +269,7 @@ public function providerForTestValidate()
                     [
                         new ValidationError(
                             "Validation of XML content failed:\n" .
    -                        '/section/para/link: links must start with one of: http://, https://, mailto:, ezcontent://, ezlocation://, ezurl://, #',
    +                        '/section/para/link: links must start with one of: http://, https://, mailto:, ezcontent://, ezlocation://, ezremote://, ezurl://, #',
                             null,
                             [],
                             'xml'
    
7bbc6d024c61

Fixed failing test for ezurl protocol

https://github.com/ezsystems/ezplatform-richtext · Gunnstein Lye · Aug 14, 2024 · via ghsa
1 file changed · +3 −3
  • tests/lib/eZ/FieldType/RichTextTest.php  +3 −3  modified
    @@ -224,7 +224,7 @@ public function providerForTestValidate()
                     [
                         new ValidationError(
                             "Validation of XML content failed:\n" .
    -                        '/section/para/link: links must start with one of: http://, https://, mailto:, ezcontent://, ezlocation://, ezurl://,#',
    +                        '/section/para/link: links must start with one of: http://, https://, mailto:, ezcontent://, ezlocation://, ezurl://, #',
                             null,
                             [],
                             'xml'
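Review bot: this hunk only inserts the space after `ezurl://,` that the expected message was missing, bringing it in line with the `ezurl://, #` text the schema emits. The literal was introduced in 8b75c603dfd1 in the same series, so this correction belongs folded into that commit; as separate commits, the test never passes in between them.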
    @@ -239,7 +239,7 @@ public function providerForTestValidate()
                     [
                         new ValidationError(
                             "Validation of XML content failed:\n" .
    -                        '/section/para/link: links must start with one of: http://, https://, mailto:, ezcontent://, ezlocation://, ezurl://,#',
    +                        '/section/para/link: links must start with one of: http://, https://, mailto:, ezcontent://, ezlocation://, ezurl://, #',
                             null,
                             [],
                             'xml'
    @@ -269,7 +269,7 @@ public function providerForTestValidate()
                     [
                         new ValidationError(
                             "Validation of XML content failed:\n" .
    -                        '/section/para/link: links must start with one of: http://, https://, mailto:, ezcontent://, ezlocation://, ezurl://,#',
    +                        '/section/para/link: links must start with one of: http://, https://, mailto:, ezcontent://, ezlocation://, ezurl://, #',
                             null,
                             [],
                             'xml'
    
8b75c603dfd1

Fixed failing test for ezurl protocol

https://github.com/ezsystems/ezplatform-richtext · Gunnstein Lye · Aug 14, 2024 · via ghsa
3 files changed · +6 −5
  • src/lib/eZ/RichText/Resources/schemas/docbook/docbook.iso.sch  +2 −1  modified
    @@ -258,8 +258,9 @@
                           starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'mailto:') or
                           starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'ezcontent://') or
                           starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'ezlocation://') or
    +                      starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'ezurl://') or
                           starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), '#')"
    -                mode="schematron-get-full-path-2">links must start with one of: http://, https://, mailto:, ezcontent://, ezlocation://, #</s:assert>
    +                mode="schematron-get-full-path-2">links must start with one of: http://, https://, mailto:, ezcontent://, ezlocation://, ezurl://, #</s:assert>
           <s:assert test="not(contains(@*[name()='xlink:href'], '&lt;') or
                               contains(@*[name()='xlink:href'], '&gt;') or
                               contains(@*[name()='xlink:href'], '&quot;'))"
    
  • src/lib/eZ/RichText/Resources/schemas/docbook/docbook.iso.sch.xsl  +1 −1  modified
    @@ -79,7 +79,7 @@
     <axsl:template match="db:link" priority="1000" mode="M3"><svrl:fired-rule xmlns:svrl="http://purl.oclc.org/dsdl/svrl" context="db:link"/>
     
     		<!--ASSERT -->
    -<axsl:choose><axsl:when test="starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'http://') or                       starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'https://') or                       starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'mailto:') or                       starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'ezcontent://') or                       starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'ezlocation://') or                       starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), '#')"/><axsl:otherwise><svrl:failed-assert xmlns:svrl="http://purl.oclc.org/dsdl/svrl" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:schold="http://www.ascc.net/xml/schematron" test="starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'http://') or starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'https://') or starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'mailto:') or starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'ezcontent://') or starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'ezlocation://') or starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), '#')"><axsl:attribute name="location"><axsl:apply-templates select="." mode="schematron-get-full-path-2"/></axsl:attribute><svrl:text>links must start with one of: http://, https://, mailto:, ezcontent://, ezlocation://, #</svrl:text></svrl:failed-assert></axsl:otherwise></axsl:choose>
    +<axsl:choose><axsl:when test="starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'http://') or                       starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'https://') or                       starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'mailto:') or                       starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'ezcontent://') or                       starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'ezlocation://') or                       starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'ezurl://') or                       starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), '#')"/><axsl:otherwise><svrl:failed-assert xmlns:svrl="http://purl.oclc.org/dsdl/svrl" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:schold="http://www.ascc.net/xml/schematron" test="starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'http://') or starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'https://') or starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'mailto:') or starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'ezcontent://') or starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'ezlocation://') or starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'ezurl://') or starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), '#')"><axsl:attribute name="location"><axsl:apply-templates select="." mode="schematron-get-full-path-2"/></axsl:attribute><svrl:text>links must start with one of: http://, https://, mailto:, ezcontent://, ezlocation://, ezurl://, #</svrl:text></svrl:failed-assert></axsl:otherwise></axsl:choose>
     
     		<!--ASSERT -->
     <axsl:choose><axsl:when test="not(contains(@*[name()='xlink:href'], '&lt;') or                           contains(@*[name()='xlink:href'], '&gt;') or                           contains(@*[name()='xlink:href'], '&quot;'))"/><axsl:otherwise><svrl:failed-assert xmlns:svrl="http://purl.oclc.org/dsdl/svrl" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:schold="http://www.ascc.net/xml/schematron" test="not(contains(@*[name()='xlink:href'], '&lt;') or contains(@*[name()='xlink:href'], '&gt;') or contains(@*[name()='xlink:href'], '&quot;'))"><axsl:attribute name="location"><axsl:apply-templates select="." mode="schematron-get-full-path-2"/></axsl:attribute><svrl:text>using characters [&lt; &gt; "] in links is not allowed</svrl:text></svrl:failed-assert></axsl:otherwise></axsl:choose><axsl:apply-templates select="*|comment()|processing-instruction()" mode="M3"/></axsl:template><axsl:template match="text()" priority="-1" mode="M3"/><axsl:template match="@*|node()" priority="-2" mode="M3"><axsl:apply-templates select="*|comment()|processing-instruction()" mode="M3"/></axsl:template></axsl:stylesheet>
    
  • tests/lib/eZ/FieldType/RichTextTest.php  +3 −3  modified
    @@ -224,7 +224,7 @@ public function providerForTestValidate()
                     [
                         new ValidationError(
                             "Validation of XML content failed:\n" .
    -                        '/section/para/link: links must start with one of: http://, https://, mailto:, ezcontent://, ezlocation://, #',
    +                        '/section/para/link: links must start with one of: http://, https://, mailto:, ezcontent://, ezlocation://, ezurl://,#',
                             null,
                             [],
                             'xml'
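Review bot: the expected message in this entry reads `ezurl://,#` without the space that the schema assertion in the same commit emits (`ezurl://, #`), so the test still fails after this change. Correct the literal to match the schema text; the later commit 7bbc6d024c61 on this page does exactly that, and the fix should be squashed in here.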
    @@ -239,7 +239,7 @@ public function providerForTestValidate()
                     [
                         new ValidationError(
                             "Validation of XML content failed:\n" .
    -                        '/section/para/link: links must start with one of: http://, https://, mailto:, ezcontent://, ezlocation://, #',
    +                        '/section/para/link: links must start with one of: http://, https://, mailto:, ezcontent://, ezlocation://, ezurl://,#',
                             null,
                             [],
                             'xml'
    @@ -269,7 +269,7 @@ public function providerForTestValidate()
                     [
                         new ValidationError(
                             "Validation of XML content failed:\n" .
    -                        '/section/para/link: links must start with one of: http://, https://, mailto:, ezcontent://, ezlocation://, #',
    +                        '/section/para/link: links must start with one of: http://, https://, mailto:, ezcontent://, ezlocation://, ezurl://,#',
                             null,
                             [],
                             'xml'
    
6131975108fa

Merge commit from fork

https://github.com/ezsystems/ezplatform-richtext · Gunnstein Lye · Aug 14, 2024 · via ghsa
3 files changed · +51 −5
  • src/lib/eZ/RichText/Resources/schemas/docbook/docbook.iso.sch  +14 −1  modified
    @@ -249,8 +249,21 @@
         </s:rule>
       </s:pattern>
       <s:pattern name="Element contents validation">
    +    <s:let name="upperCase" value="'ABCDEFGHIJKLMNOPQRSTUVWXYZ'"/>
    +    <s:let name="lowerCase" value="'abcdefghijklmnopqrstuvwxyz'"/>
         <s:rule context="db:link">
    -      <s:assert test="not(contains(@*[name()='xlink:href'], 'javascript:') or contains(@*[name()='xlink:href'], 'vbscript:'))" mode="schematron-get-full-path-2">using scripts in links is not allowed</s:assert>
    +      <!-- Using translate() because we don't have XPath 2, so we can't use lower-case(). -->
    +      <s:assert test="starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'http://') or
    +                      starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'https://') or
    +                      starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'mailto:') or
    +                      starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'ezcontent://') or
    +                      starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'ezlocation://') or
    +                      starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), '#')"
    +                mode="schematron-get-full-path-2">links must start with one of: http://, https://, mailto:, ezcontent://, ezlocation://, #</s:assert>
    +      <s:assert test="not(contains(@*[name()='xlink:href'], '&lt;') or
    +                          contains(@*[name()='xlink:href'], '&gt;') or
    +                          contains(@*[name()='xlink:href'], '&quot;'))"
    +                mode="schematron-get-full-path-2">using characters [&lt; &gt; &quot;] in links is not allowed</s:assert>
         </s:rule>
       </s:pattern>
     </s:schema>
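Review bot: the assert removed at 252 was a case-sensitive `contains()` blocklist naming two schemes, and the prefix allowlist with `translate()` case folding that replaces it is the right shape for this check: an href now fails unless it starts with a listed prefix, whatever case the scheme is written in and whether or not it carries leading whitespace, and the second assert keeps `<`, `>` and `"` out of the attribute value. Two follow-ups: the initial list omits `ezremote://`, `ezurl://` and site-relative `/` paths, each added in a separate later commit on this page, so derive the list from the schemes the link resolver actually handles and land it once; and the `translate()` comment should also note that the folding covers ASCII letters only, which is sufficient for scheme names but worth stating.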
    
  • src/lib/eZ/RichText/Resources/schemas/docbook/docbook.iso.sch.xsl  +5 −2  modified
    @@ -73,10 +73,13 @@
     <axsl:choose><axsl:when test="not(.//db:ezlink)"/><axsl:otherwise><svrl:failed-assert xmlns:svrl="http://purl.oclc.org/dsdl/svrl" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:schold="http://www.ascc.net/xml/schematron" test="not(.//db:ezlink)"><axsl:attribute name="location"><axsl:apply-templates select="." mode="schematron-get-full-path"/></axsl:attribute><svrl:text>ezlink must not occur in the descendants of link</svrl:text></svrl:failed-assert></axsl:otherwise></axsl:choose><axsl:apply-templates select="*|comment()|processing-instruction()" mode="M2"/></axsl:template><axsl:template match="text()" priority="-1" mode="M2"/><axsl:template match="@*|node()" priority="-2" mode="M2"><axsl:apply-templates select="*|comment()|processing-instruction()" mode="M2"/></axsl:template>
     
     <!--PATTERN -->
    -
    +<axsl:variable name="upperCase" select="'ABCDEFGHIJKLMNOPQRSTUVWXYZ'"/><axsl:variable name="lowerCase" select="'abcdefghijklmnopqrstuvwxyz'"/>
     
     	<!--RULE -->
     <axsl:template match="db:link" priority="1000" mode="M3"><svrl:fired-rule xmlns:svrl="http://purl.oclc.org/dsdl/svrl" context="db:link"/>
     
     		<!--ASSERT -->
    -<axsl:choose><axsl:when test="not(contains(@*[name()='xlink:href'], 'javascript:') or contains(@*[name()='xlink:href'], 'vbscript:'))"/><axsl:otherwise><svrl:failed-assert xmlns:svrl="http://purl.oclc.org/dsdl/svrl" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:schold="http://www.ascc.net/xml/schematron" test="not(contains(@*[name()='xlink:href'], 'javascript:') or contains(@*[name()='xlink:href'], 'vbscript:'))"><axsl:attribute name="location"><axsl:apply-templates select="." mode="schematron-get-full-path-2"/></axsl:attribute><svrl:text>using scripts in links is not allowed</svrl:text></svrl:failed-assert></axsl:otherwise></axsl:choose><axsl:apply-templates select="*|comment()|processing-instruction()" mode="M3"/></axsl:template><axsl:template match="text()" priority="-1" mode="M3"/><axsl:template match="@*|node()" priority="-2" mode="M3"><axsl:apply-templates select="*|comment()|processing-instruction()" mode="M3"/></axsl:template></axsl:stylesheet>
    +<axsl:choose><axsl:when test="starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'http://') or                       starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'https://') or                       starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'mailto:') or                       starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'ezcontent://') or                       starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'ezlocation://') or                       starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), '#')"/><axsl:otherwise><svrl:failed-assert xmlns:svrl="http://purl.oclc.org/dsdl/svrl" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:schold="http://www.ascc.net/xml/schematron" test="starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'http://') or starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'https://') or starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'mailto:') or starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'ezcontent://') or starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), 'ezlocation://') or starts-with(translate(@*[name()='xlink:href'], $upperCase, $lowerCase), '#')"><axsl:attribute name="location"><axsl:apply-templates select="." mode="schematron-get-full-path-2"/></axsl:attribute><svrl:text>links must start with one of: http://, https://, mailto:, ezcontent://, ezlocation://, #</svrl:text></svrl:failed-assert></axsl:otherwise></axsl:choose>
    +
    +		<!--ASSERT -->
    +<axsl:choose><axsl:when test="not(contains(@*[name()='xlink:href'], '&lt;') or                           contains(@*[name()='xlink:href'], '&gt;') or                           contains(@*[name()='xlink:href'], '&quot;'))"/><axsl:otherwise><svrl:failed-assert xmlns:svrl="http://purl.oclc.org/dsdl/svrl" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:schold="http://www.ascc.net/xml/schematron" test="not(contains(@*[name()='xlink:href'], '&lt;') or contains(@*[name()='xlink:href'], '&gt;') or contains(@*[name()='xlink:href'], '&quot;'))"><axsl:attribute name="location"><axsl:apply-templates select="." mode="schematron-get-full-path-2"/></axsl:attribute><svrl:text>using characters [&lt; &gt; "] in links is not allowed</svrl:text></svrl:failed-assert></axsl:otherwise></axsl:choose><axsl:apply-templates select="*|comment()|processing-instruction()" mode="M3"/></axsl:template><axsl:template match="text()" priority="-1" mode="M3"/><axsl:template match="@*|node()" priority="-2" mode="M3"><axsl:apply-templates select="*|comment()|processing-instruction()" mode="M3"/></axsl:template></axsl:stylesheet>
    
  • tests/lib/eZ/FieldType/RichTextTest.php+32 2 modified
    @@ -224,7 +224,37 @@ public function providerForTestValidate()
                     [
                         new ValidationError(
                             "Validation of XML content failed:\n" .
    -                        '/section/para/link: using scripts in links is not allowed',
    +                        '/section/para/link: links must start with one of: http://, https://, mailto:, ezcontent://, ezlocation://, #',
    +                        null,
    +                        [],
    +                        'xml'
    +                    ),
    +                ],
    +            ],
    +            [
    +                '<?xml version="1.0" encoding="UTF-8"?>
    +<section xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:ezxhtml="http://ez.no/xmlns/ezpublish/docbook/xhtml" xmlns:ezcustom="http://ez.no/xmlns/ezpublish/docbook/custom" version="5.0-variant ezpublish-1.0">
    +  <para><link xlink:href="jAvAsCriPt:alert(\'XSS\');">link</link></para>
    +</section>',
    +                [
    +                    new ValidationError(
    +                        "Validation of XML content failed:\n" .
    +                        '/section/para/link: links must start with one of: http://, https://, mailto:, ezcontent://, ezlocation://, #',
    +                        null,
    +                        [],
    +                        'xml'
    +                    ),
    +                ],
    +            ],
    +            [
    +                '<?xml version="1.0" encoding="UTF-8"?>
    +<section xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:ezxhtml="http://ez.no/xmlns/ezpublish/docbook/xhtml" xmlns:ezcustom="http://ez.no/xmlns/ezpublish/docbook/custom" version="5.0-variant ezpublish-1.0">
    +  <para><link xlink:href="https://example.com/foo&lt;bar">link</link></para>
    +</section>',
    +                [
    +                    new ValidationError(
    +                        "Validation of XML content failed:\n" .
    +                        '/section/para/link: using characters [< > "] in links is not allowed',
                             null,
                             [],
                             'xml'
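Review bot: every fixture touched in this hunk asserts a rejection (the mixed-case `jAvAsCriPt:alert(...)` href now fails the prefix allowlist instead of the old script denylist, and the `https://example.com/foo&lt;bar` href fails the character check); none asserts that an accepted href such as `https://example.com/` or `#anchor` validates with an empty error list, so a regression that rejects every link would still pass. If the provider has no such positive case elsewhere, add one. The mixed-case fixture is the valuable addition here: it documents that the previous `contains(..., 'javascript:')` check was case-sensitive and would not have matched it.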
    @@ -239,7 +269,7 @@ public function providerForTestValidate()
                     [
                         new ValidationError(
                             "Validation of XML content failed:\n" .
    -                        '/section/para/link: using scripts in links is not allowed',
    +                        '/section/para/link: links must start with one of: http://, https://, mailto:, ezcontent://, ezlocation://, #',
                             null,
                             [],
                             'xml'
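Review bot: this is another fixture whose expectation is the full literal allowlist message, so every time a prefix is added to the schematron the same string has to be edited in each test case. Consider building the expected message from one shared constant in the test class, or asserting only on the stable prefix `/section/para/link: links must start with one of:`, so that list changes are made in a single place.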
    
