Platonides wrote:
Since OpenDocument files are Zip files, unless you do some extra validation, a Jar could be uploaded disguised as an OD? file. The vulnerability is that a Jar has same-origin permissions over the wiki, and so, linked from an external page viewed by logged-in users, it can do all kinds of Bad Things.
It's possible to make a file which is simultaneously a valid JAR file and a valid OpenDocument file. Here's the one I made in September last year:
http://noc.wikimedia.org/~tstarling/odjar/
-- Tim Starling
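The defensive counterpart to the thread above is to look inside the Zip central directory of every uploaded "OpenDocument" file rather than trusting the extension or the first bytes: a JVM reads the central directory from the end of the file, so a leading `mimetype` entry proves nothing about what else the archive carries. The validator below is an added example, not Tim Starling's code and not MediaWiki's upload checks; the entry names it rejects (`META-INF/MANIFEST.MF` and `.class` members) are the standard markers of a Java archive, and the sample archives are constructed in-memory fixtures.

```python
import io
import zipfile

# Conservative rule: any member that would make the JVM treat the archive as a
# Java program disqualifies it as an OpenDocument upload. The manifest name is
# compared case-insensitively, which is deliberately stricter than the ZIP
# format itself requires.
JAR_MANIFEST = "META-INF/MANIFEST.MF"
ODF_MANIFEST = "META-INF/manifest.xml"


def inspect_zip(data: bytes) -> list[tuple[str, int]]:
    """Return (member name, compression method) for every central-directory entry."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        return [(info.filename, info.compress_type) for info in zf.infolist()]


def check_opendocument_upload(data: bytes) -> tuple[bool, str]:
    """Accept only archives that are OpenDocument packages and carry no Java content."""
    try:
        entries = inspect_zip(data)
    except zipfile.BadZipFile:
        return False, "not a zip archive"
    # ODF requires the first member to be an uncompressed 'mimetype' entry.
    if not entries or entries[0] != ("mimetype", zipfile.ZIP_STORED):
        return False, "first entry must be an uncompressed 'mimetype'"
    names = [name for name, _ in entries]
    if ODF_MANIFEST not in names:
        return False, "missing OpenDocument manifest"
    for name in names:
        if name.upper() == JAR_MANIFEST or name.lower().endswith(".class"):
            return False, f"archive carries Java content: {name}"
    return True, "ok"


def build_zip(members: list[tuple[str, bytes, int]]) -> bytes:
    """Build an in-memory zip from (name, content, compression) tuples (test fixture helper)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, content, method in members:
            zf.writestr(name, content, compress_type=method)
    return buf.getvalue()


# Constructed fixtures: a minimal ODT-shaped package, and the same package with a
# Java manifest added so that a JVM would also accept it as a JAR.
ODF_MEMBERS = [
    ("mimetype", b"application/vnd.oasis.opendocument.text", zipfile.ZIP_STORED),
    (ODF_MANIFEST, b"<manifest:manifest/>", zipfile.ZIP_DEFLATED),
    ("content.xml", b"<office:document-content/>", zipfile.ZIP_DEFLATED),
]
CLEAN_ODT = build_zip(ODF_MEMBERS)
ODT_WITH_JAR_MANIFEST = build_zip(
    ODF_MEMBERS + [(JAR_MANIFEST, b"Manifest-Version: 1.0\n", zipfile.ZIP_DEFLATED)]
)

if __name__ == "__main__":
    for label, blob in (("clean", CLEAN_ODT), ("polyglot", ODT_WITH_JAR_MANIFEST), ("junk", b"not a zip")):
        print(label, check_opendocument_upload(blob))
```

Checking the central directory catches the dual-format file regardless of which format's signature happens to sit at offset zero; a check that only sniffs the first few bytes, or only verifies the `mimetype` member, passes a JAR/ODF polyglot unchanged.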