OSV: GHSA-8692-G6G9-GM5P
History: Mar 03, 2023 - 10:52 p.m.

xwiki contains Exposed Dangerous Method or Function

2023-03-03 22:52:47
Google
osv.dev
4
Tags: xwiki, exposed method, dangerous function, patched, security advisory

8.1 High (CVSS3)

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

AI Score: 7 High (Confidence: High)

EPSS: 0.001 Low (Percentile: 40.5%)

Impact

org.xwiki.store.script.TemporaryAttachmentsScriptService#uploadTemporaryAttachment returns an instance of com.xpn.xwiki.doc.XWikiAttachment. This class is not meant to be exposed to users who do not hold the programming right, because its operations are not guarded by rights checks.
com.xpn.xwiki.api.Attachment should be returned instead: it takes care of checking the user's rights before performing dangerous operations.
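The following is an added illustration of the design flaw the advisory describes, written as a small Python model rather than XWiki's own Java code. The names InternalAttachment, SafeAttachment, User and TemporaryAttachmentsService are hypothetical stand-ins for the XWikiAttachment / Attachment split: the vulnerable method hands a script the raw internal object, whose operations perform no rights checks, while the fixed method hands out a wrapper that checks the calling user's rights before delegating each operation.

```python
"""Model of 'exposed dangerous object' vs 'rights-checking API wrapper'.

Added example, not XWiki code. All class names are hypothetical stand-ins
for the XWikiAttachment (internal) / Attachment (public API) distinction.
"""

from dataclasses import dataclass, field


@dataclass
class User:
    name: str
    rights: set = field(default_factory=set)  # e.g. {"view", "edit", "programming"}


class InternalAttachment:
    """Internal model object: storage operations with no rights checks.

    Safe only when every caller is already trusted (holds the programming right).
    """

    def __init__(self, filename: str, content: bytes):
        self.filename = filename
        self._content = content

    def get_content(self) -> bytes:
        return self._content

    def set_content(self, content: bytes) -> None:
        self._content = content

    def delete(self) -> None:
        self._content = b""


class SafeAttachment:
    """Public API wrapper: verifies the user's rights before delegating.

    Dangerous operations are forwarded only when the caller holds the
    programming right; reads require the view right.
    """

    def __init__(self, internal: InternalAttachment, user: User):
        self._internal = internal
        self._user = user

    def _require(self, right: str) -> None:
        if right not in self._user.rights:
            raise PermissionError(f"{self._user.name} lacks the '{right}' right")

    @property
    def filename(self) -> str:
        return self._internal.filename

    def get_content(self) -> bytes:
        self._require("view")
        return self._internal.get_content()

    def set_content(self, content: bytes) -> None:
        self._require("programming")
        self._internal.set_content(content)

    def delete(self) -> None:
        self._require("programming")
        self._internal.delete()


class TemporaryAttachmentsService:
    """Hypothetical script service reachable from wiki scripts."""

    def __init__(self):
        self._store = {}

    def upload_vulnerable(self, user: User, filename: str, content: bytes) -> InternalAttachment:
        """Flawed variant: leaks the unchecked internal object to the script."""
        att = InternalAttachment(filename, content)
        self._store[filename] = att
        return att

    def upload_fixed(self, user: User, filename: str, content: bytes) -> SafeAttachment:
        """Fixed variant: returns the rights-checking wrapper instead."""
        att = InternalAttachment(filename, content)
        self._store[filename] = att
        return SafeAttachment(att, user)


def demo() -> dict:
    """Run both variants as a user without the programming right (constructed input)."""
    svc = TemporaryAttachmentsService()
    editor = User("editor", {"view", "edit"})  # no programming right
    outcomes = {}

    raw = svc.upload_vulnerable(editor, "a.txt", b"hello")
    raw.set_content(b"overwritten")  # succeeds: nothing checks rights
    outcomes["vulnerable_write"] = raw.get_content()

    safe = svc.upload_fixed(editor, "b.txt", b"hello")
    try:
        safe.set_content(b"overwritten")
        outcomes["fixed_write"] = "allowed"
    except PermissionError:
        outcomes["fixed_write"] = "denied"
    outcomes["fixed_read"] = safe.get_content()  # view right suffices
    return outcomes


if __name__ == "__main__":
    print(demo())
```

The general rule this models: a script service is a trust boundary, so anything it returns to script code should be an API wrapper that re-checks rights on every operation, never the internal model object itself.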

Patches

This has been patched in versions 14.9-rc-1 and 14.4.6.

Workarounds

There’s no workaround for this issue.

References

https://jira.xwiki.org/browse/XWIKI-20180

For more information

If you have any questions or comments about this advisory:

