Vulnerabilities: Difference between revisions
Created page with "This page documents all vulnerabilities that have been present in Our World of Text. Design flaws will not be included. By definition, a vulnerability is a bug that a person can take advantage of to manipulate the server or a user's data in unauthorized ways. == April 12, 2018 == '''Type:''' Unauthorized data manipulation '''Description:''' With a few specially crafted edits, the content of a tile can get corrupted, affecting precisely-protected cells as well. '''Comm..." |
No edit summary |
||
| Line 8: | Line 8: | ||
'''Commit(s):''' <nowiki>https://github.com/system2k/NodeWorldOfText/commit/edd89084e5cdb80d49af1239bf796506dadc3aea</nowiki> | '''Commit(s):''' <nowiki>https://github.com/system2k/NodeWorldOfText/commit/edd89084e5cdb80d49af1239bf796506dadc3aea</nowiki> | ||
'''Actively exploited:''' Yes | '''Actively exploited at it's time:''' Yes | ||
'''Patched:''' Yes | '''Patched:''' Yes | ||
| Line 19: | Line 19: | ||
'''Description:''' Sending a cursor message on a world with guest cursors disabled and then disconnecting the client would crash the server. Can be used to take down server for any amount of time. | '''Description:''' Sending a cursor message on a world with guest cursors disabled and then disconnecting the client would crash the server. Can be used to take down server for any amount of time. | ||
'''Actively exploited:''' No | '''Actively exploited at it's time:''' No | ||
'''Patched:''' Yes | '''Patched:''' Yes | ||
| Line 30: | Line 30: | ||
'''Description:''' Upon removing a member from your world, all of the member's connected clients will be temporarily demoted regardless of their world until they refresh. Caused by not checking the world the client is located in before unmarking user as member in memory. | '''Description:''' Upon removing a member from your world, all of the member's connected clients will be temporarily demoted regardless of their world until they refresh. Caused by not checking the world the client is located in before unmarking user as member in memory. | ||
'''Actively exploited:''' No | '''Actively exploited at it's time:''' No | ||
'''Patched:''' Yes | '''Patched:''' Yes | ||
| Line 43: | Line 43: | ||
'''Commit(s):''' <nowiki>https://github.com/system2k/NodeWorldOfText/commit/d021af26bb8363fcf9ec73539cd05208b6f5ed3d</nowiki> | '''Commit(s):''' <nowiki>https://github.com/system2k/NodeWorldOfText/commit/d021af26bb8363fcf9ec73539cd05208b6f5ed3d</nowiki> | ||
'''Actively exploited:''' No | '''Actively exploited at it's time:''' No | ||
'''Patched:''' Yes | '''Patched:''' Yes | ||
| Line 56: | Line 56: | ||
'''Commit(s):''' <nowiki>https://github.com/system2k/NodeWorldOfText/commit/292df686812af8cb3d99bada2c3ded3f4b3d8850</nowiki> | '''Commit(s):''' <nowiki>https://github.com/system2k/NodeWorldOfText/commit/292df686812af8cb3d99bada2c3ded3f4b3d8850</nowiki> | ||
'''Actively exploited:''' No | '''Actively exploited at it's time:''' No | ||
'''Patched:''' Yes | '''Patched:''' Yes | ||
'''Discoverer(s):''' FP | '''Discoverer(s):''' FP | ||