Lucene search
K

18 matches found

Github Security Blog
Github Security Blog
added 2024/01/08 4:39 p.m.28 views

XWiki vulnerable to Denial of Service attack through attachments

Impact A user able to attach a file to a page can post a malformed TAR file by manipulating file modification times headers, which when parsed by Tika, could cause a denial of service issue via CPU consumption. Patches This vulnerability has been patched in XWiki 14.10.18, 15.5.3 and 15.8 RC1...

7.5CVSS6.9AI score0.00636EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2023/06/20 4:46 p.m.32 views

GHSA-RF8J-Q39G-7XFM XWiki Platform vulnerable to privilege escalation (PR) from account through like LiveTableResults

Impact Any logged in user can add dangerous content in their first name field and see it executed with programming rights. Leading to rights escalation. Patches The vulnerability has been fixed on XWiki 14.4.8, 14.10.6, and 15.1. Workarounds The vulnerability can be fixed by applying this patch. ...

9.9CVSS9.2AI score0.01028EPSS
Exploits0References7
OSV
OSV
added 2023/04/20 10:25 p.m.16 views

GHSA-JGG7-W2RJ-58CJ XWiki Platform vulnerable to privilege escalation from view right on XWiki.Notifications.Code.LegacyNotificationAdministration

Impact Steps to reproduce: Open...

9.9CVSS9.4AI score0.77752EPSS
Exploits1References6
Github Security Blog
Github Security Blog
added 2022/11/21 10:36 p.m.49 views

Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') in xwiki-platform-icon-ui

Impact Any user with view rights on commonly accessible documents including the icon picker macro can execute arbitrary Groovy, Python or Velocity code in XWiki due to improper neutralization of the macro parameters of the icon picker macro. The URL...

9.9CVSS8.9AI score0.0119EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2022/11/21 10:34 p.m.23 views

GHSA-9HQH-FMHG-VQ2J Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') in AttachmentSelector.xml

Impact Any user with the right to edit his personal page can follow one of the scenario below: Scenario 1: - Log in as a simple user with just edit rights on the user profile - Go to the user's profile - Upload an attachment in the attachment tab at the bottom of the page any image is fine - Clic...

9.9CVSS9.2AI score0.00978EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2022/11/04 6:58 p.m.38 views

XWiki OIDC Authenticator vulnerable to bypassing OpenID login by providing a custom provider

Impact Even if a wiki has an OpenID provider configured through its xwiki.properties, it is possible to provide a third party provider by providing its details through request parameters. One can then bypass the XWiki authentication altogether by specifying its own provider through the...

9.1CVSS7.4AI score0.00895EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2022/09/16 9:4 p.m.19 views

GHSA-FXWR-4VQ9-9VHJ XWiki Cross-Site Request Forgery (CSRF) for actions on tags

Impact It's possible to perform a CSRF attack for adding or removing tags on XWiki pages. Patches The problem has been patched in XWiki 13.10.5 and 14.3. Workarounds It's possible to fix the issue without upgrading by locally modifying the documentTags.vm template in your filesystem, to apply the...

4.3CVSS4.4AI score0.00336EPSS
Exploits0References5
OSV
OSV
added 2022/09/16 5:22 p.m.33 views

GHSA-XR6M-2P4M-JVQF XWiki Platform Wiki UI Main Wiki Eval Injection vulnerability

Impact It's possible to inject arbitrary wiki syntax including Groovy, Python and Velocity script macros via the request URL parameter using the XWikiServerClassSheet if the user has view access to this sheet and another page that has been saved with programming rights, a standard condition on a...

9.9CVSS9.4AI score0.7589EPSS
Exploits1References5
OSV
OSV
added 2022/05/25 10:41 p.m.26 views

GHSA-PH5X-H23X-7Q5Q Cross-site Scripting in wiki manager join wiki page

Impact We found a possible XSS vector in the WikiManager.JoinWiki wiki page related to the "requestJoin" field. Patches The issue is patched in versions 12.10.11, 14.0-rc-1, 13.4.7, 13.10.3. Workarounds The easiest workaround is to edit the wiki page WikiManager.JoinWiki with wiki editor and chan...

7.4CVSS6.3AI score0.00921EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2022/05/25 10:41 p.m.48 views

Cross-site Scripting in wiki manager join wiki page

Impact We found a possible XSS vector in the WikiManager.JoinWiki wiki page related to the "requestJoin" field. Patches The issue is patched in versions 12.10.11, 14.0-rc-1, 13.4.7, 13.10.3. Workarounds The easiest workaround is to edit the wiki page WikiManager.JoinWiki with wiki editor and chan...

7.4CVSS5.7AI score0.00921EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2022/05/25 10:40 p.m.35 views

GHSA-VMHH-XH3G-J992 Cross-site Scripting in the Flamingo theme manager

Impact We found a possible XSS vector in the FlamingoThemesCode.WebHomeSheet wiki page related to the "newThemeName" form field. Patches The issue is patched in versions 12.10.11, 14.0-rc-1, 13.4.7, 13.10.3. Workarounds The easiest workaround is to edit the wiki page FlamingoThemesCode.WebHomeShe...

7.4CVSS6.3AI score0.01263EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2022/04/28 7:31 p.m.33 views

Arbitrary file access through XML parsing in org.xwiki.commons:xwiki-commons-xml

Impact It's possible in a script to access any file accessing to the user running XWiki application server with XML External Entity Injection through the XML script service. For example: velocity set$xml=$services.get'xml' set$xxepayload = "" set$doc=$xml.parse$xxepayload $xml.serialize$doc...

4.9CVSS1AI score0.01408EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2022/02/10 10:42 p.m.30 views

GHSA-VH5C-JQFG-MHRH Cross-Site Request Forgery in xwiki-platform

Impact It's possible to know if a user has or not an account in a wiki related to an email address, and which usernames is actually tight to that email by forging a request to the Forgot username page. Note that since this page does not have a CSRF check it's quite easy to perform a lot of those...

7.5CVSS6.9AI score0.00964EPSS
Exploits1References7
Github Security Blog
Github Security Blog
added 2022/02/09 11:25 p.m.27 views

Cross site scripting in registration template in xwiki-platform

Impact We found a possible XSS vector in the registerinline.vm template related to the xredirect hidden field. This template is only used in the following conditions: - the wiki must be open to registration for anyone - the wiki must be closed to view for Guest users more specifically the...

7.4CVSS0.5AI score0.01008EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2021/07/02 7:19 p.m.17 views

GHSA-V9J2-Q4Q5-CXH4 No CSRF protection on the password change form

Impact It's possible for forge an URL that, when accessed by an admin, will reset the password of any user in XWiki. Patches The problem has been patched in XWiki 12.10.5, 13.2RC1. Workarounds It's possible to apply the patch manually by modifying the registermacros.vm template like in...

5.7CVSS5.5AI score0.0061EPSS
Exploits1References4
OSV
OSV
added 2021/07/02 7:19 p.m.26 views

GHSA-H4M4-PGP4-WHGM The reset password form reveal users email address

Impact The reset password form reveals the email address of users just by giving their username. Patches The problem has been patched on XWiki 13.2RC1. Workarounds It's possible to manually modify the resetpasswordinline.vm to perform the changes made in...

5.3CVSS5.2AI score0.01199EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2021/04/22 4:11 p.m.64 views

XSS Cross Site Scripting

Impact It is possible to persistently inject scripts in XWiki. For unregistred users: - By filling simple text fields For registered users: - By filling their personal information - if they have edit rights By filling the values of static lists using App Within Minutes That can lead to user's...

9.6CVSS0.3AI score0.01123EPSS
Exploits1References3Affected Software2
OSV
OSV
added 2021/03/23 10:48 p.m.34 views

GHSA-79RG-7MV3-JRR5 Rating Script Service expose XWiki to SQL injection

Impact This issue impacts only XWiki with the Ratings API installed. The Rating Script Service expose an API to perform SQL requests without escaping the from and where search arguments. This might lead to an SQL script injection quite easily for any user having Script rights on XWiki. Patches Th...

7.7CVSS9AI score0.01345EPSS
Exploits0References3
Rows per page
Query Builder