CVE-2023-22457

Published: 2023-01-04 00:00:00
Source: ubuntu.com (Ubuntu CVE tracker record UB:CVE-2023-22457)
Tags: ckeditor integration, csrf protection, remote code execution, unauthorized access, patched vulnerability, xwiki integration

CVSS v3.1 base score: 9 (High)
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
  Attack Vector: Network
  Attack Complexity: Low
  Privileges Required: Low
  User Interaction: Required
  Scope: Changed
  Confidentiality Impact: High
  Integrity Impact: High
  Availability Impact: High

EPSS score: 0.008 (Low), percentile 82.1%

CKEditor Integration UI adds support for editing wiki pages using CKEditor.
Prior to version 1.64.3, the CKEditor.HTMLConverter document lacked
protection against Cross-Site Request Forgery (CSRF), allowing macros to be
executed with the rights of the current user. If a privileged user with
programming rights was tricked into issuing a GET request to this document
with certain parameters (e.g., via an image with a corresponding URL embedded
in a comment, or via a redirect), this allowed arbitrary remote code
execution, and the attacker could gain rights, access private information, or
impact the availability of the wiki. The issue has been patched in CKEditor
Integration version 1.64.3. It has also been patched in the version of the
CKEditor integration bundled starting with XWiki 14.6 RC1. There are no known
workarounds other than upgrading the CKEditor integration to a fixed version.

Notes

Author note (sbeattie): embedded copies of ckeditor are in ldap-account-manager, rt4, and rt5
