On Thu, 2006-09-28 at 11:09 +0200, Andreas Gohr wrote: > Because Kaspar asked in the other thread about his email, I'm forwrading it > below. I had a look at it and the screenshot, but wasn't able to reproduce > it and have no idea how this happened and if it is indeed a security > problem. My guess from looking at it would be some hiccup in Konqueror's > rendering engine / caching mechanism. i havent been able to reproduce it on wiki.splitbrain.org, however i can confirm that i can provoke this to happen with opera aswell. but as i said, im running an old dokuwiki > > Andi > > > Kaspar's mail below: > > Hello.. im writing to you in private since i believe i may have > discovered a security related bug in dokuwiki. > > i just added an article to my wiki, and then browsed abit in the wiki. > then i used my browser(konquerors) feature to go back, but not just one > step, i went directly alot back, to the article i added (konqueror shows > the little arrow, so you can go alot back in current history) anyway, i > didnt get to my article, but i got to the main page, however text in > submit buttons(those used for edit, login, search and such) were > "skewed". i suspect i may have gone back to a submit action, preview > perhaps, since i did do preview alot, causing some GET/POST stuff to > mess up in dokuwiki. > > since i am probably not able to reproduce this, i have taken a > screenshot so that you may see it, i have attached the screenshot. > > my wiki is: http://wiki.kaspersandberg.com > > i am not using the latest stable release of dokuwiki, since the theme > didnt work with khtml, however, the next release seems to do, so ill > change to that when its released. > > if you need me to try some things feel free to mail back, i have not dug > deeper into it myself though, since i dont have too terribly much time. > > mvh. > Kasper Sandberg -- DokuWiki mailing list - more info at http://wiki.splitbrain.org/wiki:mailinglist