Lucene search
XWiki 2.5-m-1 < 14.4.8, 14.5 < 14.10.6, 15.0-rc-1 < 15.2-rc-1 Privilege Escalation Vulnerability (GHSA-7954-6m9q-gpvf)
🗓️ 28 Aug 2023 00:00:00Reported by Copyright (C) 2023 Greenbone AGType 
openvas🔗 plugins.openvas.org👁 9 Views
XWiki 2.5-m-1 < 14.4.8, 14.5 < 14.10.6, 15.0-rc-1 < 15.2-rc-1 Privilege Escalation Vulnerability (GHSA-7954-6m9q-gpvf
Show more
| Reporter | Title | Published | Views | Family All 8 |
|---|---|---|---|---|
 | CVE-2023-37914 | 17 Aug 202318:15 | – | osv |
| XWiki Platform privilege escalation (PR)/RCE from account through Invitation subject/message | 18 Aug 202321:50 | – | osv |
 | Remote code execution | 17 Aug 202318:15 | – | prion |
 | CVE-2023-37914 Privilege escalation (PR)/RCE from account through Invitation subject/message | 17 Aug 202317:21 | – | vulnrichment |
 | CVE-2023-37914 Privilege escalation (PR)/RCE from account through Invitation subject/message | 17 Aug 202317:21 | – | cvelist |
 | CVE-2023-37914 | 17 Aug 202318:15 | – | cve |
 | CVE-2023-37914 | 17 Aug 202318:15 | – | nvd |
 | XWiki Platform privilege escalation (PR)/RCE from account through Invitation subject/message | 18 Aug 202321:50 | – | github |
| Source | Link |
|---|---|
| github | www.github.com/advisories/GHSA-7954-6m9q-gpvf |
# SPDX-FileCopyrightText: 2023 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
CPE = "cpe:/a:xwiki:xwiki";
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.124419");
script_version("2023-10-13T16:09:03+0000");
script_tag(name:"last_modification", value:"2023-10-13 16:09:03 +0000 (Fri, 13 Oct 2023)");
script_tag(name:"creation_date", value:"2023-08-28 08:15:22 +0000 (Mon, 28 Aug 2023)");
script_tag(name:"cvss_base", value:"9.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:S/C:C/I:C/A:C");
script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2023-08-24 17:14:00 +0000 (Thu, 24 Aug 2023)");
script_cve_id("CVE-2023-37914");
script_tag(name:"qod_type", value:"remote_banner");
script_tag(name:"solution_type", value:"VendorFix");
script_name("XWiki 2.5-m-1 < 14.4.8, 14.5 < 14.10.6, 15.0-rc-1 < 15.2-rc-1 Privilege Escalation Vulnerability (GHSA-7954-6m9q-gpvf)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2023 Greenbone AG");
script_family("Web application abuses");
script_dependencies("gb_xwiki_enterprise_detect.nasl");
script_mandatory_keys("xwiki/detected");
script_tag(name:"summary", value:"Xwiki is prone to a privilege escalation vulnerability.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");
script_tag(name:"insight", value:"Any user who can view Invitation.WebHome can execute arbitrary
script macros including Groovy and Python macros that allow remote code execution including
unrestricted read and write access to all wiki contents. This can be reproduced with the
following");
script_tag(name:"affected", value:"XWiki version 2.5-m-1 prior to 14.4.8, 14.5 prior to
14.10.6 and 15.0-rc-1 prior to 15.2-rc-1.");
script_tag(name:"solution", value:"Update to version 14.4.8, 14.10.6, 15.2-rc-1 or later.");
script_xref(name:"URL", value:"https://github.com/advisories/GHSA-7954-6m9q-gpvf");
exit(0);
}
include("host_details.inc");
include("version_func.inc");
if( ! port = get_app_port( cpe:CPE ) )
exit( 0 );
if( ! infos = get_app_version_and_location( cpe:CPE, port:port, exit_no_version:TRUE ) )
exit( 0 );
version = infos["version"];
location = infos["location"];
if( version_in_range_exclusive( version:version, test_version_lo:"2.5-m-1", test_version_up:"14.4.8" ) ) {
report = report_fixed_ver( installed_version:version, fixed_version:"14.4.8", install_path:location );
security_message( port:port, data:report );
exit( 0 );
}
if( version_in_range_exclusive( version:version, test_version_lo:"14.5", test_version_up:"14.10.6" ) ) {
report = report_fixed_ver( installed_version:version, fixed_version:"14.10.6", install_path:location );
security_message( port:port, data:report );
exit( 0 );
}
if( version_in_range_exclusive( version:version, test_version_lo:"15.0-rc-1", test_version_up:"15.2-rc-1" ) ) {
report = report_fixed_ver( installed_version:version, fixed_version:"15.2-rc-1", install_path:location );
security_message( port:port, data:report );
exit( 0 );
}
exit( 99 );
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo28 Aug 2023 00:00Current
7.3High risk
Vulners AI Score7.3
CVSS38.8 - 9.9
EPSS0.0432
SSVC