CVSS: 10.0EPSS: 8%CPEs: 3EXPL: 0CVE-2024-31988 – XWiki Platform CSRF remote code execution through the realtime HTML Converter API
https://notcve.org/view.php?id=CVE-2024-31988
10 Apr 2024 — XWiki Platform is a generic wiki platform. Starting in version 13.9-rc-1 and prior to versions 4.10.19, 15.5.4, and 15.10-rc-1, when the realtime editor is installed in XWiki, it allows arbitrary remote code execution with the interaction of an admin user with programming right. More precisely, by getting an admin user to either visit a crafted URL or to view an image with this URL that could be in a comment, the attacker can get the admin to execute arbitrary XWiki syntax including scripting macros with Gr... • https://github.com/xwiki/xwiki-platform/commit/4896712ee6483da623f131be2e618f1f2b79cb8d • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 9.9EPSS: 27%CPEs: 3EXPL: 0CVE-2024-31987 – XWiki Platform remote code execution from account via custom skins support
https://notcve.org/view.php?id=CVE-2024-31987
10 Apr 2024 — XWiki Platform is a generic wiki platform. Starting in version 6.4-milestone-1 and prior to versions 4.10.19, 15.5.4, and 15.10-rc-1, any user who can edit any page like their profile can create a custom skin with a template override that is executed with programming right, thus allowing remote code execution. This has been patched in XWiki 14.10.19, 15.5.4 and 15.10RC1. No known workarounds are available except for upgrading. XWiki Platform es una plataforma wiki genérica. • https://github.com/xwiki/xwiki-platform/commit/3d4dbb41f52d1a6e39835cfb1695ca6668605a39 • CWE-862: Missing Authorization •
CVSS: 10.0EPSS: 8%CPEs: 3EXPL: 0CVE-2024-31986 – XWiki Platform CSRF remote code execution through scheduler job's document reference
https://notcve.org/view.php?id=CVE-2024-31986
10 Apr 2024 — XWiki Platform is a generic wiki platform. Starting in version 3.1 and prior to versions 4.10.19, 15.5.4, and 15.10-rc-1, by creating a document with a special crafted documented reference and an `XWiki.SchedulerJobClass` XObject, it is possible to execute arbitrary code on the server whenever an admin visits the scheduler page or the scheduler page is referenced, e.g., via an image in a comment on a page in the wiki. The vulnerability has been fixed in XWiki 14.10.19, 15.5.5, and 15.9. As a workaround, app... • https://github.com/xwiki/xwiki-platform/commit/8a92cb4bef7e5f244ae81eed3e64fe9be95827cf • CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.4EPSS: 0%CPEs: 3EXPL: 0CVE-2024-31985 – XWiki Platform CSRF in the job scheduler
https://notcve.org/view.php?id=CVE-2024-31985
10 Apr 2024 — XWiki Platform is a generic wiki platform. Starting in version 3.1 and prior to versions 4.10.20, 15.5.4, and 15.10-rc-1, it is possible to schedule/trigger/unschedule existing jobs by having an admin visit the Job Scheduler page through a predictable URL, for example by embedding such an URL in any content as an image. The vulnerability has been fixed in XWiki 14.10.19, 15.5.5, and 15.9. As a workaround, manually apply the patch by modifying the `Scheduler.WebHome` page. XWiki Platform es una plataforma wi... • https://github.com/xwiki/xwiki-platform/commit/8a92cb4bef7e5f244ae81eed3e64fe9be95827cf • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 9.9EPSS: 74%CPEs: 3EXPL: 0CVE-2024-31984 – XWiki Platform: Remote code execution through space title and Solr space facet
https://notcve.org/view.php?id=CVE-2024-31984
10 Apr 2024 — XWiki Platform is a generic wiki platform. Starting in version 7.2-rc-1 and prior to versions 4.10.20, 15.5.4, and 15.10-rc-1, by creating a document with a specially crafted title, it is possible to trigger remote code execution in the (Solr-based) search in XWiki. This allows any user who can edit the title of a space (all users by default) to execute any Groovy code in the XWiki installation which compromises the confidentiality, integrity and availability of the whole XWiki installation. This has been p... • https://github.com/xwiki/xwiki-platform/commit/43c9d551e3c11e9d8f176b556dd33bbe31fc66e0 • CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') •
CVSS: 9.9EPSS: 30%CPEs: 3EXPL: 0CVE-2024-31983 – XWiki Platform: Remote code execution from edit in multilingual wikis via translations
https://notcve.org/view.php?id=CVE-2024-31983
10 Apr 2024 — XWiki Platform is a generic wiki platform. In multilingual wikis, translations can be edited by any user who has edit right, circumventing the rights that are normally required for authoring translations (script right for user-scope translations, wiki admin for translations on the wiki). Starting in version 4.3-milestone-2 and prior to versions 4.10.20, 15.5.4, and 15.10-rc-1, this can be exploited for remote code execution if the translation value is not properly escaped where it is used. This has been pat... • https://github.com/xwiki/xwiki-platform/commit/2a9ce88f33663c53c9c63b2ea573f4720ea2efb9 • CWE-862: Missing Authorization •
CVSS: 10.0EPSS: 94%CPEs: 3EXPL: 4CVE-2024-31982 – XWiki Platform: Remote code execution as guest via DatabaseSearch
https://notcve.org/view.php?id=CVE-2024-31982
10 Apr 2024 — XWiki Platform is a generic wiki platform. Starting in version 2.4-milestone-1 and prior to versions 4.10.20, 15.5.4, and 15.10-rc-1, XWiki's database search allows remote code execution through the search text. This allows remote code execution for any visitor of a public wiki or user of a closed wiki as the database search is by default accessible for all users. This impacts the confidentiality, integrity and availability of the whole XWiki installation. This vulnerability has been patched in XWiki 14.10.... • https://github.com/th3gokul/CVE-2024-31982 • CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') •
CVSS: 9.9EPSS: 27%CPEs: 3EXPL: 0CVE-2024-31981 – XWiki Platform: Privilege escalation (PR) from user registration through PDFClass
https://notcve.org/view.php?id=CVE-2024-31981
10 Apr 2024 — XWiki Platform is a generic wiki platform. Starting in version 3.0.1 and prior to versions 4.10.20, 15.5.4, and 15.10-rc-1, remote code execution is possible via PDF export templates. This vulnerability has been patched in XWiki 14.10.20, 15.5.4 and 15.10-rc-1. If PDF templates are not typically used on the instance, an administrator can create the document `XWiki.PDFClass` and block its edition, after making sure that it does not contain a `style` attribute. Otherwise, there are no known workarounds aside ... • https://github.com/xwiki/xwiki-platform/commit/480186f9d2fca880513da8bc5a609674d106cbd3 • CWE-862: Missing Authorization •
CVSS: 9.9EPSS: 35%CPEs: 3EXPL: 0CVE-2024-31465 – XWiki Platform: Remote code execution from account via SearchSuggestSourceSheet
https://notcve.org/view.php?id=CVE-2024-31465
10 Apr 2024 — XWiki Platform is a generic wiki platform. Starting in version 5.0-rc-1 and prior to versions 14.10.20, 15.5.4, and 15.9-rc-1, any user with edit right on any page can execute any code on the server by adding an object of type `XWiki.SearchSuggestSourceClass` to their user profile or any other page. This compromises the confidentiality, integrity and availability of the whole XWiki installation. This vulnerability has been patched in XWiki 14.10.20, 15.5.4 and 15.10 RC1. As a workaround, manually apply the ... • https://github.com/xwiki/xwiki-platform/commit/0317a3aa78065e66c86fc725976b06bf7f9b446e • CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') •
CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-31464 – XWiki Platform: Password hash might be leaked by diff once the xobject holding them is deleted
https://notcve.org/view.php?id=CVE-2024-31464
10 Apr 2024 — XWiki Platform is a generic wiki platform. Starting in version 5.0-rc-1 and prior to versions 14.10.19, 15.5.4, and 15.9-rc-1, it is possible to access the hash of a password by using the diff feature of the history whenever the object storing the password is deleted. Using that vulnerability it's possible for an attacker to have access to the hash password of a user if they have rights to edit the users' page. With the default right scheme in XWiki this vulnerability is normally prevented on user profiles,... • https://github.com/xwiki/xwiki-platform/commit/9075668a4135cce114ef2a4b72eba3161a9e94c4 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •