Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:GHSA-599V-W48H-RJRM
HistorySep 16, 2022 - 5:39 p.m.

XWiki Platform Web Templates vulnerable to Missing Authorization, Exposure of Private Personal Information to Unauthorized Actor

2022-09-1617:39:46
Google
osv.dev
2
xwiki
platform
web
templates
vulnerable
missing authorization
exposure
personal information
unauthorized actor
private wikis
patches
workarounds
references
security advisories

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

0.002 Low

EPSS

Percentile

56.5%

JSON

Impact

Through the suggestion feature, string and list properties of objects the user shouldn’t have access to can be accessed. This includes private personal information like email addresses and salted password hashes of registered users but also other information stored in properties of objects. Sensitive configuration fields like passwords for LDAP or SMTP servers could be accessed. By exploiting an additional vulnerability, this issue can even be exploited on private wikis at least for string properties.

Patches

The issue is patched in version 13.10.4 and 14.2. Password properties are no longer displayed and rights are checked for other properties.

Workarounds

The template file suggest.vm can be replaced by a patched version without upgrading or restarting XWiki unless it has been overridden, in which case the overridden template should be patched, too. This might need adjustments for older versions, though.

References

For more information

If you have any questions or comments about this advisory:

Related

osv 4
cnvd 1
nvd 2
openvas 2
prion 2
cvelist 2
cve 2
github 3
osv
osv
Plaintext storage of password after a reset in org.xwiki.platform:xwiki-platform-security-authentication-default
2022-11-21 22:37:11
CVE-2022-36091
2022-09-08 16:15:08
CVE-2022-41933
2022-11-23 21:15:10
cnvd
cnvd
XWiki Platform information leakage vulnerability
2022-11-25 00:00:00
nvd
nvd
CVE-2022-36091
2022-09-08 16:15:08
CVE-2022-41933
2022-11-23 21:15:10
openvas
openvas
XWiki < 13.10.4, 14.0 < 14.2 Information Disclosure Vulnerability (GHSA-599v-w48h-rjrm)
2022-09-13 00:00:00
XWiki 13.1RC1 < 13.10.8, 14.x < 14.4.3, 14.5.x < 14.6-rc-1 Plaintext Password Storage Vulnerability (GHSA-q2hm-2h45-v5g3)
2022-11-28 00:00:00
prion
prion
Design/Logic Flaw
2022-09-08 16:15:00
Default credentials
2022-11-23 21:15:00
cvelist
cvelist
CVE-2022-41933 Plaintext storage of password in org.xwiki.platform:xwiki-platform-security-authentication-default
2022-11-23 00:00:00
CVE-2022-36091 XWiki Platform Web Templates vulnerable to Missing Authorization and Exposure of Private Personal Information to an Unauthorized Actor
2022-09-08 16:10:09
cve
cve
CVE-2022-41933
2022-11-23 21:15:10
CVE-2022-36091
2022-09-08 16:15:08
github
github
XWiki Platform Web Templates vulnerable to Missing Authorization, Exposure of Private Personal Information to Unauthorized Actor
2022-09-16 17:39:46
Plaintext storage of password after a reset in org.xwiki.platform:xwiki-platform-security-authentication-default
2022-11-21 22:37:11
Solr search discloses password hashes of all users
2023-12-16 00:03:54

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

0.002 Low

EPSS

Percentile

56.5%

JSON
Related for OSV:GHSA-599V-W48H-RJRM
osv4cnvd1nvd2openvas2prion2cvelist2cve2github3