Lucene search

GitHub Advisory DatabaseGHSA-H5JM-JJGX-Q2WF

HistoryMay 01, 2022 - 7:45 a.m.

XWiki Remote Code Execution

2022-05-0107:45:42

GitHub Advisory Database

github.com

6.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

7.8 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

57.1%

JSON

PreviewAction in XWiki 0.9.543 through 0.9.1252 does not set the Author field to the identity of the user who last modified a document, which allows remote authenticated users without programming rights to execute arbitrary code by selecting a document whose author has programming rights, modifying this document to contain a script, and previewing without saving the document.

Affected configurations

Vulners

Node

org.xwiki.platform\Matchxwiki-platform-oldcore

CPENameOperatorVersion
org.xwiki.platform:xwiki-platform-oldcorele0.9.1252

CPE	Name	Operator	Version
	org.xwiki.platform:xwiki-platform-oldcore	le	0.9.1252

References

github.com/advisories/GHSA-h5jm-jjgx-q2wf

github.com/xwiki/xwiki-platform/commit/c44172a3556d12b62c0d793ab18475e5e13d7120

nvd.nist.gov/vuln/detail/CVE-2006-7223

web.archive.org/web/20080616064908/jira.xwiki.org/jira/browse/XWIKI-366

6.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

7.8 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

57.1%

JSON

Related for GHSA-H5JM-JJGX-Q2WF