CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-29161 – Crypto script service uses hashing algorithm SHA1 with RSA for certificate signature in xwiki-platform
https://notcve.org/view.php?id=CVE-2022-29161
05 May 2022 — XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. The XWiki Crypto API will generate X509 certificates signed by default using SHA1 with RSA, which is not considered safe anymore for use in certificate signatures, due to the risk of collisions with SHA1. The problem has been patched in XWiki version 13.10.6, 14.3.1 and 14.4-rc-1. Since then, the Crypto API will generate X509 certificates signed by default using SHA256 with RSA. Administrators are advise... • https://github.com/xwiki/xwiki-platform/commit/26728f3f23658288683667a5182a916c7ecefc52 • CWE-326: Inadequate Encryption Strength CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2022-24897 – Arbitrary filesystem write access from Velocity
https://notcve.org/view.php?id=CVE-2022-24897
02 May 2022 — APIs to evaluate content with Velocity is a package for APIs to evaluate content with Velocity. Starting with version 2.3 and prior to 12.6.7, 12.10.3, and 13.0, the velocity scripts are not properly sandboxed against using the Java File API to perform read or write operations on the filesystem. Writing an attacking script in Velocity requires the Script rights in XWiki so not all users can use it, and it also requires finding an XWiki API which returns a File. The problem has been patched in versions 12.6.... • https://github.com/xwiki/xwiki-commons/commit/215951cfb0f808d0bf5b1097c9e7d1e503449ab8 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 1CVE-2022-24820 – Unauthenticated user can list hidden document from multiple velocity templates
https://notcve.org/view.php?id=CVE-2022-24820
08 Apr 2022 — XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. A guest user without the right to view pages of the wiki can still list documents by rendering some velocity documents. The problem has been patched in XWiki versions 12.10.11, 13.4.4, and 13.9-rc-1. There is no known workaround for this problem. La plataforma XWiki es una plataforma wiki genérica que ofrece servicios de tiempo de ejecución para aplicaciones construidas sobre ella. • https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-qpp2-2mcp-2wm5 • CWE-306: Missing Authentication for Critical Function CWE-359: Exposure of Private Personal Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 1CVE-2022-24819 – Unauthenticated user can retrieve the list of users through uorgsuggest.vm
https://notcve.org/view.php?id=CVE-2022-24819
08 Apr 2022 — XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. A guest user without the right to view pages of the wiki can still list documents related to users of the wiki. The problem has been patched in XWiki versions 12.10.11, 13.4.4, and 13.9-rc-1. There is no known workaround for this problem. La plataforma XWiki es una plataforma wiki genérica que ofrece servicios de ejecución para las aplicaciones construidas sobre ella. • https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-97jg-43c9-q6pf • CWE-359: Exposure of Private Personal Information to an Unauthorized Actor •
CVSS: 7.4EPSS: 0%CPEs: 6EXPL: 0CVE-2022-23622 – Cross site scripting in registration template in xwiki-platform
https://notcve.org/view.php?id=CVE-2022-23622
09 Feb 2022 — XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions there is a cross site scripting (XSS) vector in the `registerinline.vm` template related to the `xredirect` hidden field. This template is only used in the following conditions: 1. The wiki must be open to registration for anyone. 2. The wiki must be closed to view for Guest users or more specifically the XWiki.Registration page must be forbidden in View for guest user. • https://github.com/xwiki/xwiki-platform/commit/053d957d53f2a543d158f3ab651e390d2728e0b9 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-23621 – Missing authorization in xwiki-platform
https://notcve.org/view.php?id=CVE-2022-23621
09 Feb 2022 — XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions any user with SCRIPT right can read any file located in the XWiki WAR (for example xwiki.cfg and xwiki.properties) through XWiki#invokeServletAndReturnAsString as `$xwiki.invokeServletAndReturnAsString("/WEB-INF/xwiki.cfg")`. This issue has been patched in XWiki versions 12.10.9, 13.4.3 and 13.7-rc-1. Users are advised to update. The only workaround is to limit SCRIPT right. • https://github.com/xwiki/xwiki-platform/commit/df8bd49b5a4d87a427002c6535fb5b1746ff117a • CWE-552: Files or Directories Accessible to External Parties CWE-862: Missing Authorization •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-23620 – Path traversal in xwiki-platform-skin-skinx
https://notcve.org/view.php?id=CVE-2022-23620
09 Feb 2022 — XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions AbstractSxExportURLFactoryActionHandler#processSx does not escape anything from SSX document references when serializing it on filesystem, it is possible to for the HTML export process to contain reference elements containing filesystem syntax like "../", "./". or "/" in general. The referenced elements are not properly escaped. This issue has been resolved in version 13.6-rc-1. This... • https://github.com/xwiki/xwiki-platform/commit/ab778254fb8f71c774e1c1239368c44fe3b6bba5 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-116: Improper Encoding or Escaping of Output •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-23619 – Information exposure in xwiki-platform
https://notcve.org/view.php?id=CVE-2022-23619
09 Feb 2022 — XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions it's possible to guess if a user has an account on the wiki by using the "Forgot your password" form, even if the wiki is closed to guest users. This problem has been patched on XWiki 12.10.9, 13.4.1 and 13.6RC1. Users are advised yo update. There are no known workarounds for this issue. • https://github.com/xwiki/xwiki-platform/commit/d8a3cce48e0ac1a0f4a3cea7a19747382d9c9494 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-640: Weak Password Recovery Mechanism for Forgotten Password •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2022-23618 – Open Redirect in xwiki-platform
https://notcve.org/view.php?id=CVE-2022-23618
09 Feb 2022 — XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions there is no protection against URL redirection to untrusted sites, in particular some well known parameters (xredirect) can be used to perform url redirections. This problem has been patched in XWiki 12.10.7 and XWiki 13.3RC1. Users are advised to update. There are no known workarounds for this issue. • https://github.com/xwiki/xwiki-platform/commit/5251c02080466bf9fb55288f04a37671108f8096 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-23617 – Missing authorization in xwiki-platform
https://notcve.org/view.php?id=CVE-2022-23617
09 Feb 2022 — XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions any user with edit right can copy the content of a page it does not have access to by using it as template of a new page. This issue has been patched in XWiki 13.2CR1 and 12.10.6. Users are advised to update. There are no known workarounds for this issue. • https://github.com/xwiki/xwiki-platform/commit/30c52b01559b8ef5ed1035dac7c34aaf805764d5 • CWE-862: Missing Authorization •