prestaconcept / PrestaImageBundle

Allows cropping local and remote images before uploading them through a classic form.
MIT License

Severe vulnerability when adding the presta_image routing #86

Closed bijsterdee closed 1 year ago

bijsterdee commented 1 year ago

When you add the following route:

```yaml
presta_image:
    resource: "@PrestaImageBundle/Resources/config/routing.yaml"
```

You create a severe vulnerability, because the route `presta_image_url_to_base64` uses `file_get_contents(string $content)`.

If you execute `curl -X POST -d 'url=/etc/passwd' https://site.tld/url_to_base64`, for example, you will retrieve the contents of `/etc/passwd` (if applicable).

Possible fix: check in the `contentToBase64` method whether the contents are an image?
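
As an added illustration of the fix the report proposes (this is example code, not PrestaImageBundle's own implementation; the class name `ImageUrlToBase64`, the method names and the constants are assumptions), the conversion below does two things the vulnerable version does not: it only accepts absolute `http`/`https` URLs, so a local path or a `file://`/`php://` wrapper is rejected before any read happens, and it sniffs the fetched bytes with `finfo` so that only real image data is base64-encoded. The `contentToBase64` check alone would already stop `/etc/passwd` from being returned, since its contents do not sniff as an image; the scheme allowlist stops the local read from happening at all.

```php
<?php
// Added example (not the bundle's code): a hardened version of the
// "URL to base64" conversion described in the issue. Class, method and
// constant names are assumptions, not PrestaImageBundle identifiers.

declare(strict_types=1);

final class ImageUrlToBase64
{
    private const ALLOWED_SCHEMES = ['http', 'https'];
    private const ALLOWED_MIME    = ['image/jpeg', 'image/png', 'image/gif', 'image/webp'];
    private const MAX_BYTES       = 5 * 1024 * 1024; // constructed limit for the example

    /**
     * Returns a data URI for the remote image, or throws on anything that
     * is not an absolute http(s) URL pointing at image data.
     */
    public function convert(string $url): string
    {
        // 1. Reject local paths ("/etc/passwd") and non-HTTP wrappers
        //    ("file://", "php://", ...) before touching the filesystem/network.
        $parts = parse_url($url);
        if ($parts === false || !isset($parts['scheme'], $parts['host'])) {
            throw new \InvalidArgumentException('Expected an absolute http(s) URL.');
        }
        if (!in_array(strtolower($parts['scheme']), self::ALLOWED_SCHEMES, true)) {
            throw new \InvalidArgumentException('URL scheme not allowed.');
        }

        // 2. Fetch over HTTP(S) only, with bounded size, time and redirects,
        //    and forbid redirects that would switch to another protocol.
        $ch = curl_init($url);
        curl_setopt_array($ch, [
            CURLOPT_RETURNTRANSFER  => true,
            CURLOPT_FOLLOWLOCATION  => true,
            CURLOPT_MAXREDIRS       => 3,
            CURLOPT_PROTOCOLS       => CURLPROTO_HTTP | CURLPROTO_HTTPS,
            CURLOPT_REDIR_PROTOCOLS => CURLPROTO_HTTP | CURLPROTO_HTTPS,
            CURLOPT_TIMEOUT         => 10,
            CURLOPT_MAXFILESIZE     => self::MAX_BYTES,
        ]);
        $content = curl_exec($ch);
        $status  = curl_getinfo($ch, CURLINFO_RESPONSE_CODE);
        curl_close($ch);

        if (!is_string($content) || $status !== 200) {
            throw new \RuntimeException('Could not fetch the image.');
        }
        if (strlen($content) > self::MAX_BYTES) {
            throw new \RuntimeException('Image too large.');
        }

        return $this->contentToBase64($content);
    }

    /**
     * The check the issue proposes: sniff the actual bytes (not the file
     * extension or the Content-Type header) and only encode real image data.
     */
    public function contentToBase64(string $content): string
    {
        $mime = (new \finfo(FILEINFO_MIME_TYPE))->buffer($content);
        if (!in_array($mime, self::ALLOWED_MIME, true)) {
            throw new \InvalidArgumentException('Content is not an allowed image type.');
        }

        return sprintf('data:%s;base64,%s', $mime, base64_encode($content));
    }
}

// Constructed usage: a plain-text payload such as the contents of
// /etc/passwd is rejected by contentToBase64 because it does not sniff
// as an image; a local path is rejected by convert() before any read.
$converter = new ImageUrlToBase64();
try {
    $converter->contentToBase64("root:x:0:0:root:/root:/bin/bash\n");
} catch (\InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), PHP_EOL;
}
try {
    $converter->convert('/etc/passwd');
} catch (\InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), PHP_EOL;
}
```

Note that the scheme allowlist only addresses the local-file read reported here; a server-side fetch of a caller-supplied URL still needs its own policy for which hosts it may reach, which is outside what this issue covers.
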

J-Ben87 commented 1 year ago

This should be fixed by now :wink: