CVSS: 8.9EPSS: 0%CPEs: 4EXPL: 1CVE-2023-26480 – XWiki-Platform vulnerable to stored Cross-site Scripting via the HTML displayer in Live Data
https://notcve.org/view.php?id=CVE-2023-26480
XWiki Platform is a generic wiki platform. Starting in version 12.10, a user without script rights can introduce a stored cross-site scripting by using the Live Data macro. This has been patched in XWiki 14.9, 14.4.7, and 13.10.10. There are no known workarounds. • https://github.com/xwiki/xwiki-platform/commit/23d5ea9b23e84b5f3d1f1b2d5673fe8c774d0d79 https://github.com/xwiki/xwiki-platform/commit/556e7823260b826f344c1a6e95d935774587e028 https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-32fq-m2q5-h83g https://jira.xwiki.org/browse/XWIKI-20143 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 2CVE-2022-41935 – Exposure of Sensitive Information to an Unauthorized Actor in org.xwiki.platform:xwiki-platform-livetable-ui
https://notcve.org/view.php?id=CVE-2022-41935
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Users without the right to view documents can deduce their existence by repeated Livetable queries. The issue has been patched in XWiki 14.6RC1, 13.10.8, and 14.4.3, the response is not properly cleaned up of obfuscated entries. As a workaround, The patch for the document `XWiki.LiveTableResultsMacros` can be manually applied or a XAR archive of a patched version can be imported, on versions 12.10.11, 13.9-rc-1, and 13.4.4. There are no known workarounds for this issue. • https://github.com/xwiki/xwiki-platform/commit/1450b6e3c69ac7df25e5a2571186d1f43402facd#diff-5a739e5865b1f1ad9d79b724791be51b0095a0170cc078911c940478b13b949a https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-p2x4-6ghr-6vmq https://jira.xwiki.org/browse/XWIKI-19999 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-41932 – Creation of new database tables through login form on PostgreSQL
https://notcve.org/view.php?id=CVE-2022-41932
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. It's possible to make XWiki create many new schemas and fill them with tables just by using a crafted user identifier in the login form. This may lead to degraded database performance. The problem has been patched in XWiki 13.10.8, 14.6RC1 and 14.4.2. Users are advised to upgrade. • https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-4x5r-6v26-7j4v https://jira.xwiki.org/browse/XWIKI-19886 • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 9.9EPSS: 0%CPEs: 6EXPL: 2CVE-2022-41928 – XWiki Platform vulnerable to Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') in AttachmentSelector.xml
https://notcve.org/view.php?id=CVE-2022-41928
XWiki Platform vulnerable to Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') in AttachmentSelector.xml. The issue can also be reproduced by inserting the dangerous payload in the `height` or `alt` macro properties. This has been patched in versions 13.10.7, 14.4.2, and 14.5. The issue can be fixed on a running wiki by updating `XWiki.AttachmentSelector` with the versions below: - 14.5-rc-1+: https://github.com/xwiki/xwiki-platform/commit/eb15147adf94bddb92626f862c1710d45bcd64a7#diff-e1513599ab698991f6cbba55d38f3f464432ced8d137a668b1f7618c7e747e23 - 14.4.2+: https://github.com/xwiki/xwiki-platform/commit/c02f8eb1f3c953d124f2c097021536f8bc00fa8d#diff-e1513599ab698991f6cbba55d38f3f464432ced8d137a668b1f7618c7e747e23 - 13.10.7+: https://github.com/xwiki/xwiki-platform/commit/efd0df0468d46149ba68b66660b93f31b6318515#diff-e1513599ab698991f6cbba55d38f3f464432ced8d137a668b1f7618c7e747e23 XWiki Platform vulnerable a una Neutralización Inadecuada de Directivas en Código Evaluado Dinámicamente (""Inyección de evaluación"") en AttachmentSelector.xml. El problema también se puede reproducir insertando un payload peligroso en las propiedades macro ""height"" o ""alt"". • https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-9hqh-fmhg-vq2j https://jira.xwiki.org/browse/XWIKI-19800 • CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') •
CVSS: 7.4EPSS: 0%CPEs: 4EXPL: 0CVE-2022-41927 – XWiki Platform vulnerable to Cross-Site Request Forgery (CSRF) allowing to delete or rename tags
https://notcve.org/view.php?id=CVE-2022-41927
XWiki Platform is vulnerable to Cross-Site Request Forgery (CSRF) that may allow attackers to delete or rename tags without needing any confirmation. The problem has been patched in XWiki 13.10.7, 14.4.1 and 14.5RC1. Workarounds: It's possible to patch existing instances directly by editing the page Main.Tags and add this kind of check, in the code for renaming and for deleting: ``` #if (!$services.csrf.isTokenValid($request.get('form_token'))) #set ($discard = $response.sendError(401, "Wrong CSRF token")) #end ``` XWiki Platform es vulnerable a la Cross-Site Request Forgery (CSRF), que puede permitir a los atacantes eliminar o cambiar el nombre de las etiquetas sin necesidad de confirmación. El problema se solucionó en XWiki 13.10.7, 14.4.1 y 14.5RC1. • https://github.com/xwiki/xwiki-platform/commit/7fd4cda0590180c4d34f557597e9e10e263def9e https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-mq7h-5574-hw9f • CWE-352: Cross-Site Request Forgery (CSRF) •