Lucene search
+L

22 matches found

OSV
OSV
added 2024/07/31 4:54 p.m.25 views

GHSA-692V-783F-MG8X XWiki Platform vulnerable to Cross-Site Scripting (XSS) through conflict resolution

Impact By creating a conflict when another user with more rights is currently editing a page, it is possible to execute JavaScript snippets on the side of the other user, which compromises the confidentiality, integrity and availability of the whole XWiki installation. To reproduce on a XWiki...

9.4CVSS7.3AI score0.01667EPSS
Exploits0References6
OSV
OSV
added 2023/12/19 9:39 p.m.33 views

GHSA-P5F8-QF24-24CJ Velocity execution without script right through tree macro

Impact It's possible to execute a Velocity script without script right through the document tree. To reproduce: As a user without script right, create a document, e.g., named Nasty Title Set the document's title to $request.requestURI Click "Save & View" Reload the page in the browser The...

8.3CVSS7.2AI score0.00486EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2023/11/07 11:3 p.m.39 views

XWiki Platform privilege escalation from script right to programming right through title displayer

Impact In XWiki Platform, it's possible for a user to write a script in which any velocity content is executed with the right of any other document content author. To reproduce: As a user with script but not programming right, create a document with the following content: velocity set$main =...

9.1CVSS6.8AI score0.0079EPSS
Exploits0References7Affected Software1
Github Security Blog
Github Security Blog
added 2023/11/07 11:2 p.m.51 views

XWiki Platform vulnerable to privilege escalation and remote code execution via the edit action

Impact In XWiki Platform, it's possible for a user to execute any content with the right of an existing document's content author, provided the user have edit right on it. The reason for this is that the edit action sets the content without modifying the content author. To reproduce: Log in as a...

9.9CVSS6.9AI score0.00985EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2023/07/27 7:28 p.m.85 views

GHSA-G9W4-PRF3-M25G Obfuscated email addresses should not be sorted

Impact The mail obfuscation configuration was not fully taken into account and is was still possible by obfuscated emails. See https://jira.xwiki.org/browse/XWIKI-20601 for the reproduction steps. Patches This has been patched in XWiki 14.10.9, and XWiki 15.3-rc-1. Workarounds The workaround is t...

4.3CVSS4.4AI score0.00661EPSS
Exploits1References6
Github Security Blog
Github Security Blog
added 2023/07/27 7:28 p.m.44 views

Obfuscated email addresses should not be sorted

Impact The mail obfuscation configuration was not fully taken into account and is was still possible by obfuscated emails. See https://jira.xwiki.org/browse/XWIKI-20601 for the reproduction steps. Patches This has been patched in XWiki 14.10.9, and XWiki 15.3-rc-1. Workarounds The workaround is t...

4.3CVSS6.8AI score0.00661EPSS
Exploits1References6Affected Software1
OSV
OSV
added 2023/06/20 4:45 p.m.59 views

GHSA-7VR7-CGHH-CH63 XWiki Platform may retrieve email addresses of all users

Impact The mail obfuscation configuration was not fully taken into account and while the mail displayed to the end user was obfuscated: - the rest response was also containing the mail unobfuscated - user were able to filter and sort on the unobfuscated allowing to infer the mail content The...

7.5CVSS7.5AI score0.00961EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2023/06/20 4:45 p.m.32 views

XWiki Platform may retrieve email addresses of all users

Impact The mail obfuscation configuration was not fully taken into account and while the mail displayed to the end user was obfuscated: - the rest response was also containing the mail unobfuscated - user were able to filter and sort on the unobfuscated allowing to infer the mail content The...

7.5CVSS6.8AI score0.00961EPSS
Exploits1References5Affected Software1
Github Security Blog
Github Security Blog
added 2023/06/20 4:45 p.m.34 views

XWiki Platform's tags on non-viewable pages can be revealed to users

Impact Tags from pages not viewable to the current user are leaked by the tags API. This information can also be exploited to infer the document reference of non-viewable pages. Patches This vulnerability has been patched in XWiki 14.4.8, 14.10.4, and 15.0 RC1. Workarounds There is no workaround...

4.3CVSS6.5AI score0.00554EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2023/04/20 10:25 p.m.55 views

GHSA-JGRG-QVPP-9VWR XWiki Platform vulnerable to code injection from account through AWM view sheet

Impact Steps to reproduce: 1. As a user without script or programming right, edit your user profile or any other document with the wiki editor and add the content groovyprintln"Hello " + "from Groovy!"/groovy 1. Edit the document with the object editor and add an object of type...

9.9CVSS9.1AI score0.0109EPSS
Exploits1References4
OSV
OSV
added 2023/04/20 10:24 p.m.27 views

GHSA-GPQ5-7P34-VQX5 XWiki Platform's async and display macro allow displaying and interacting with any document in restricted mode

Impact It's possible to display any page you cannot access through the combination of the async and display macro. Steps to reproduce: 1. Enable comments for guests by giving guests comment rights 2. As a guest, create a comment with content asyncdisplay reference="Menu.WebHome" //async 3. Open t...

9.9CVSS9.1AI score0.01144EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2023/04/20 10:24 p.m.31 views

XWiki Platform's async and display macro allow displaying and interacting with any document in restricted mode

Impact It's possible to display any page you cannot access through the combination of the async and display macro. Steps to reproduce: 1. Enable comments for guests by giving guests comment rights 2. As a guest, create a comment with content asyncdisplay reference="Menu.WebHome" //async 3. Open t...

9.9CVSS6AI score0.01144EPSS
Exploits1References5Affected Software2
OSV
OSV
added 2023/04/20 10:15 p.m.29 views

GHSA-MJW9-3F9F-JQ2W XWiki Platform vulnerable to code injection from view right on XWiki.ClassSheet

Impact Any user with view rights can execute arbitrary script macros including Groovy and Python macros that allow remote code execution including unrestricted read and write access to all wiki contents. The attack works by opening a non-existing page with a name crafted to contain a dangerous...

8.8CVSS9.5AI score0.01864EPSS
Exploits1References5
OSV
OSV
added 2023/04/20 10:0 p.m.19 views

GHSA-3989-4C6X-725F XWiki Platform vulnerable to privilege escalation from view right on XWiki.AttachmentSelector

Impact Any user with view rights on XWiki.AttachmentSelector can execute arbitrary Groovy, Python or Velocity code in XWiki leading to full access to the XWiki installation. The root cause is improper escaping in the "Cancel and return to page" button. This page is installed by default. See...

9.9CVSS9.4AI score0.65869EPSS
Exploits1References5
OSV
OSV
added 2023/04/20 9:38 p.m.25 views

GHSA-HG5X-3W3X-7G96 xwiki-platform-web-templates vulnerable to Eval Injection

Impact Any user with edit rights on a page e.g., it's own user page, can execute arbitrary Groovy, Python or Velocity code in XWiki leading to full access to the XWiki installation. The root cause is improper escaping of the information loaded from attachments in imported.vm, importinline.vm, and...

9.9CVSS9.3AI score0.01144EPSS
Exploits1References5
OSV
OSV
added 2023/04/12 8:43 p.m.22 views

GHSA-6VGH-9R3C-2CXP Improper Neutralization of Script-Related HTML Tags (XSS) in the LiveTable Macro

Impact The Livetable Macro wasn't properly sanitizing column names, thus allowing the insertion of raw HTML code including JavaScript. This vulnerability was also exploitable via the Documents Macro that is included since XWiki 3.5M1 and doesn't require script rights, this can be demonstrated wit...

8.9CVSS9.2AI score0.01393EPSS
Exploits1References5
OSV
OSV
added 2023/03/08 5:19 p.m.63 views

GHSA-GX4F-976G-7G6V XWiki Platform vulnerable to data leak via Improper Restriction of XML External Entity Reference

Impact Any user with edit rights on a document can trigger a XAR import on a forged XAR file, leading to the ability to display the content of any file on the XWiki server host. Example to reproduce: Create a forget XAR file and inside it, have the following package.xml content: xml Helper pages...

7.7CVSS7.5AI score0.00746EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2023/03/08 5:19 p.m.29 views

XWiki Platform vulnerable to data leak via Improper Restriction of XML External Entity Reference

Impact Any user with edit rights on a document can trigger a XAR import on a forged XAR file, leading to the ability to display the content of any file on the XWiki server host. Example to reproduce: Create a forget XAR file and inside it, have the following package.xml content: xml Helper pages...

7.7CVSS7.3AI score0.00746EPSS
Exploits1References5Affected Software1
Github Security Blog
Github Security Blog
added 2022/11/21 10:37 p.m.37 views

Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') in org.xwiki.platform:xwiki-platform-menu-ui

Impact Any user with view rights on commonly accessible documents including the menu macro can execute arbitrary Groovy, Python or Velocity code in XWiki leading to full access to the XWiki installation due to improper escaping of the macro content and parameters of the menu macro. The issue can ...

9.9CVSS8.8AI score0.01261EPSS
Exploits1References7Affected Software1
OSV
OSV
added 2022/09/16 5:40 p.m.61 views

GHSA-JGC8-GVCX-9VFX XWiki Platform Improper Authorization check for inactive users

Impact Some resources are missing a check for inactive not yet activated or disabled users in XWiki, including the REST service: so a disabled user can enable themselves using a REST call. On the same way some resources handler created by extensions are not protected by default: so an inactive...

8.1CVSS7.9AI score0.00916EPSS
Exploits1References5
Rows per page
Query Builder