As the plugin manager uses HTTP man in the middle of plugin manager communication is trivial.
If the (plugin-manager.export-url) /export/gzip_plugin_manager.php call is intercepted and respose modified then plugin installation and updates can be compromised and remote code execution can occur (through providing malicious plugin jars in URLs in the response XML). Or even if the gzip_plugin_manager.php call isn't intercepted then future calls can be intercepted and a redirect to malicious jars can be provided.
Suggest that TLS is used where possible and code signing of plugins (and display warnings or blocking unsigned plugins).
Implications are that using jedit on a public network (coffee shop, airport etc) could allow remote code execution.
Log in to post a comment.