CVE-2023-29208 – Data leak through deleted documents
https://notcve.org/view.php?id=CVE-2023-29208
XWiki Commons are technical libraries common to several other top level XWiki projects. Rights added to a document are not taken into account for viewing it once it's deleted. Note that this vulnerability only impact deleted documents that where containing view rights: the view rights provided on a space of a deleted document are properly checked. The problem has been patched in XWiki 14.10 by checking the rights of current user: only admin and deleter of the document are allowed to view it. • https://github.com/xwiki/xwiki-platform/commit/d9e947559077e947315bf700c5703dfc7dd8a8d7 https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-4f8g-fq6x-jqrr https://jira.xwiki.org/browse/XWIKI-16285 • CWE-668: Exposure of Resource to Wrong Sphere •
CVE-2023-29207 – Improper Neutralization of Script-Related HTML Tags (XSS) in the LiveTable Macro
https://notcve.org/view.php?id=CVE-2023-29207
With the interaction of a user with more rights, this could be used to execute arbitrary actions in the wiki, including privilege escalation, remote code execution, information disclosure, modifying or deleting content. • https://github.com/xwiki/xwiki-platform/commit/65ca06c51e7a1d5a579344c7272b2cc9a9a21126 https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-6vgh-9r3c-2cxp https://jira.xwiki.org/browse/XWIKI-15205 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2023-29202 – org.xwiki.platform:xwiki-platform-rendering-macro-rss Cross-site Scripting vulnerability
https://notcve.org/view.php?id=CVE-2023-29202
With the interaction of a user with programming rights, this could be used to execute arbitrary actions in the wiki, including privilege escalation, remote code execution, information disclosure, modifying or deleting content and sabotaging the wiki. • https://github.com/xwiki/xwiki-platform/commit/5c7ebe47c2897e92d8f04fe2e15027e84dc3ec03 https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-c885-89fw-55qr https://jira.xwiki.org/browse/XWIKI-19671 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2023-27354 – Sonos One Speaker libsmb2 Integer Overflow Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-27354
This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Sonos One Speaker 70.3-35220. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of the SMB directory query command. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before reading from memory. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. • https://www.zerodayinitiative.com/advisories/ZDI-23-446 • CWE-190: Integer Overflow or Wraparound •
CVE-2023-27353 – Sonos One Speaker msprox Endpoint Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-27353
This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Sonos One Speaker 70.3-35220. Authentication is not required to exploit this vulnerability. The specific flaw exists within the msprox endpoint. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. • https://www.zerodayinitiative.com/advisories/ZDI-23-448 • CWE-125: Out-of-bounds Read •