Navigation
- Welcome
- Submissions
- Program
- Venue
- Committees
- Past WikiSyms
- Registration
- News
- Wiki
- Blog
- Promote!
- Sponsors
- OpenSpace
- Proceedings
- Thank You All!
Toolbox

Security of Community Developed and 3rd party Wiki Plug-ins

From WikiSym 2008

Jump to: navigation, search

Andy Webber, Oracle;

Wednesday, September 10, 13:30-15:00 @ Papers Auditorium (B001)

Research Paper

Abstract

This paper discusses the significant security vulnerabilities that can occur in community developed wiki plug-ins and issues associated with managing the process of getting them remidiated. General guidance is given on how the vulnerabilities can be detected and rectified.

The basis for the paper is direct experience with a number of community developed plug-ins for the DokuWiki wiki, although the findings are likely to be transferable to other wikis and indeed to other web based applications that support a plug-in framework.

Keywords: plugins, cross site scripting, security, responsible disclosure

Paper: http://www.wikisym.org/ws2008/proceedings/research%20papers/18500009.pdf

Presentation slides: security.pdf

Discussion

You can discuss this paper by editing this page or the talk page.

Retrieved from "http://10.0.0.10/ws2008/index.php/Security_of_Community_Developed_and_3rd_party_Wiki_Plug-ins"

News

Photo Show

See the photos of WikiSym2008

Take a look at the official photos of WikiSym2008. You have photos of your own? Add yours to the pile!.

Who has Attended

Are you in the mosaic?

Show us who you are. Put your photo on the participants mosaic.

Conference Pocket Guide

Conference Program

2008-08-22

A detailed version of the Conference Program is now almost closed. However, the OpenSpace program is still open, waiting for you to contribute to it, whether before or during the conference. Add your session!! More...

WikiWalk

join now!