Author: Lindqvist Andreas, Teknikhuset AB.

Published: 2002-10-22

Applies to: Content Studio ver. 3.2

Type: Bug


A malicious user authenticated in Content Studio can create server-side script code and execute it using the rights of the Content Studio runtime account. This includes anonymous users who submit documents via the Anonymous writer service. After the document has been approved, any user can execute the malicious code that was inserted earlier.


Content Studio does not check for active code in the content before saving the document.


Make sure that the Content Studio runtime account has the lowest possible rights outside the file system. Upgrade Content Studio server (CSSrv32.dll) to version or later.


This bug has been fixed in version of the Content Studio server (CSSrv32.dll) component. A new group right ("writeactivecontent") has been added. This right must be present in at least one of the user's groups in order for Content Studio to accept the content.
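
The save-time check described above, sketched as an added example; this is not Content Studio's own code. The right name "writeactivecontent" is from this page. The patterns treated as active code (ASP-style blocks, server-side script tags, server-side include directives), the function names and the sample groups are assumptions made for illustration.

```python
import re

# Assumption: "active code" means classic ASP-style server-side constructs.
# The page does not list what the Content Studio server actually looks for.
ACTIVE_CONTENT_PATTERNS = [
    # ASP code block or expression; deliberately broad, so a literal "<%"
    # in ordinary text is also treated as active content.
    re.compile(r"<%"),
    # <script ... runat=server>, with or without quotes, any letter case.
    re.compile(r"<script\b[^>]*\brunat\s*=\s*[\"']?server\b", re.I),
    # Server-side include directives such as <!--#include ...-->.
    re.compile(r"<!--\s*#\s*(include|exec)\b", re.I),
]

REQUIRED_RIGHT = "writeactivecontent"  # group right named on this page

# Constructed sample data: group name -> rights held by that group.
SAMPLE_GROUPS = {
    "Anonymous writers": {"write"},
    "Developers": {"write", "writeactivecontent"},
}


def contains_active_content(content):
    """Return True if the document body holds any server-side construct."""
    return any(p.search(content) for p in ACTIVE_CONTENT_PATTERNS)


def may_save(content, groups, user_groups):
    """Accept passive content from anyone; accept active content only when
    at least one of the user's groups holds REQUIRED_RIGHT."""
    if not contains_active_content(content):
        return True
    # Unknown group names contribute no rights (fail closed).
    return any(REQUIRED_RIGHT in groups.get(g, set()) for g in user_groups)


if __name__ == "__main__":
    doc = '<p>News</p><% Response.Write("x") %>'
    for member_of in (["Anonymous writers"], ["Anonymous writers", "Developers"]):
        print(member_of, "->", may_save(doc, SAMPLE_GROUPS, member_of))
```

The check has to run on every path that stores content, including submissions from the Anonymous writer service, because approval makes the stored document executable for any visitor.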