GoogleOSV:GHSA-RF8J-Q39G-7XFMXWiki Platform vulnerable to privilege escalation (PR) from account through like LiveTableResults
9.9 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
57.3%
Impact
Any logged in user can add dangerous content in their first name field and see it executed with programming rights. Leading to rights escalation.
Patches
The vulnerability has been fixed on XWiki 14.4.8, 14.10.6, and 15.1.
Workarounds
The vulnerability can be fixed by applying this patch.
On versions before 13.4-rc-1, the fix needs to be applied on XWiki.Like.Code.LiveTableResultPage.
References
- The reported issue https://jira.xwiki.org/browse/XWIKI-20611, fixed by https://jira.xwiki.org/browse/XWIKI-19900
- The patch https://github.com/xwiki/xwiki-platform/commit/6ce2d04a5779e07f6d3ed3f37d4761049b4fc3ac#diff-ef7f8b911bb8e584fda22aac5876a329add35ca0d1d32e0fdb62a439b78cfa49
For more information
If you have any questions or comments about this advisory:
- Open an issue in Jira XWiki.org
- Email us at Security Mailing List
References
github.com/xwiki/xwiki-platform
github.com/xwiki/xwiki-platform/commit/0993a7ab3c102f9ac37ffe361a83a3dc302c0e45#diff-0b51114cb27f7a5c599cf40c59d658eae6ddc5c0836532c3b35e163f40a4854fR39
github.com/xwiki/xwiki-platform/commit/6ce2d04a5779e07f6d3ed3f37d4761049b4fc3ac#diff-ef7f8b911bb8e584fda22aac5876a329add35ca0d1d32e0fdb62a439b78cfa49
github.com/xwiki/xwiki-platform/security/advisories/GHSA-rf8j-q39g-7xfm
jira.xwiki.org/browse/XWIKI-19900
jira.xwiki.org/browse/XWIKI-20611
nvd.nist.gov/vuln/detail/CVE-2023-35152
Related
9.9 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
57.3%