CVE-2024-31986 – XWiki Platform CSRF remote code execution through scheduler job's document reference
https://notcve.org/view.php?id=CVE-2024-31986
Starting in version 3.1 and prior to versions 4.10.19, 15.5.4, and 15.10-rc-1, by creating a document with a specially crafted document reference and an `XWiki.SchedulerJobClass` XObject, it is possible to execute arbitrary code on the server whenever an admin visits the scheduler page or the scheduler page is referenced, e.g., via an image in a comment on a page in the wiki.
• https://github.com/xwiki/xwiki-platform/commit/8a92cb4bef7e5f244ae81eed3e64fe9be95827cf
• https://github.com/xwiki/xwiki-platform/commit/efd3570f3e5e944ec0ad0899bf799bf9563aef87
• https://github.com/xwiki/xwiki-platform/commit/f30d9c641750a3f034b5910c6a3a7724ae8f2269
• https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-37m4-hqxv-w26g
• https://jira.xwiki.org/browse/XWIKI-21416
• CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')
• CWE-352: Cross-Site Request Forgery (CSRF)
CVE-2024-31984 – XWiki Platform: Remote code execution through space title and Solr space facet
https://notcve.org/view.php?id=CVE-2024-31984
Starting in version 7.2-rc-1 and prior to versions 4.10.20, 15.5.4, and 15.10-rc-1, by creating a document with a specially crafted title, it is possible to trigger remote code execution in the (Solr-based) search in XWiki. This allows any user who can edit the title of a space (all users by default) to execute any Groovy code in the XWiki installation, which compromises the confidentiality, integrity and availability of the whole XWiki installation.
• https://github.com/xwiki/xwiki-platform/commit/43c9d551e3c11e9d8f176b556dd33bbe31fc66e0
• https://github.com/xwiki/xwiki-platform/commit/5ef9d294d37be92ee22b2549e38663b29dce8767
• https://github.com/xwiki/xwiki-platform/commit/74e301c481e69eeea674dac7fed6af3614cf08c5
• https://github.com/xwiki/xwiki-platform/commit/94fc12db87c2431eb1335ecb9c2954b1905bde62
• https://github.com/xwiki/xwiki-platform/commit/acba74c149a041345b24dcca52c586f872ba97fb
• https://github.com/xwiki/xwiki-platform/commit/ef55105d6eeec5635fd693f0070c5aaaf3bdd940
• https://github.com/xwiki/xwiki-platform/security/advis
• CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')
CVE-2024-31983 – XWiki Platform: Remote code execution from edit in multilingual wikis via translations
https://notcve.org/view.php?id=CVE-2024-31983
Starting in version 4.3-milestone-2 and prior to versions 4.10.20, 15.5.4, and 15.10-rc-1, this can be exploited for remote code execution if the translation value is not properly escaped where it is used.
• https://github.com/xwiki/xwiki-platform/commit/2a9ce88f33663c53c9c63b2ea573f4720ea2efb9
• https://github.com/xwiki/xwiki-platform/commit/73aef9648bbff04b697837f1b906932f0d5caacb
• https://github.com/xwiki/xwiki-platform/commit/c4c8d61c30de72298d805ccc82df2a307f131c54
• https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-xxp2-9c9g-7wmj
• https://jira.xwiki.org/browse/XWIKI-21411
• CWE-862: Missing Authorization
CVE-2024-31982 – XWiki Platform: Remote code execution as guest via DatabaseSearch
https://notcve.org/view.php?id=CVE-2024-31982
Starting in version 2.4-milestone-1 and prior to versions 4.10.20, 15.5.4, and 15.10-rc-1, XWiki's database search allows remote code execution through the search text. This allows remote code execution for any visitor of a public wiki or user of a closed wiki, as the database search is by default accessible to all users.
• https://github.com/th3gokul/CVE-2024-31982
• https://github.com/bigb0x/CVE-2024-31982
• https://github.com/k3lpi3b4nsh33/CVE-2024-31982
• https://github.com/xwiki/xwiki-platform/commit/3c9e4bb04286de94ad24854026a09fa967538e31
• https://github.com/xwiki/xwiki-platform/commit/459e968be8740c8abc2a168196ce21e5ba93cfb8
• https://github.com/xwiki/xwiki-platform/commit/95bdd6cc6298acdf7f8f21298d40eeb8390a8565
• https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-2858-8cfx-69m9
• https://jira.xwiki.org/browse/XWIKI-21472
• https://
• CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')
CVE-2024-31981 – XWiki Platform: Privilege escalation (PR) from user registration through PDFClass
https://notcve.org/view.php?id=CVE-2024-31981
Starting in version 3.0.1 and prior to versions 4.10.20, 15.5.4, and 15.10-rc-1, remote code execution is possible via PDF export templates.
• https://github.com/xwiki/xwiki-platform/commit/480186f9d2fca880513da8bc5a609674d106cbd3
• https://github.com/xwiki/xwiki-platform/commit/a4ad14d9c1605a5ab957237e505ebbb29f5b9d73
• https://github.com/xwiki/xwiki-platform/commit/d28e21a670c69880b951e415dd2ddd69d273eae9
• https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-vxwr-wpjv-qjq7
• https://jira.xwiki.org/browse/XWIKI-21337
• CWE-862: Missing Authorization