CVE-2022-41931
Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') in xwiki-platform-icon-ui
Severity Score: -
Exploit Likelihood: -
Affected Versions: see table below
Public Exploits: 2
Exploited in Wild: -
Decision: -
Descriptions
xwiki-platform-icon-ui is vulnerable to Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection'). Any user with view rights on commonly accessible documents including the icon picker macro can execute arbitrary Groovy, Python or Velocity code in XWiki due to improper neutralization of the macro parameters of the icon picker macro. The problem has been patched in XWiki 13.10.7, 14.5 and 14.4.2. Workarounds: The [patch](https://github.com/xwiki/xwiki-platform/commit/47eb8a5fba550f477944eb6da8ca91b87eaf1d01) can be manually applied by editing `IconThemesCode.IconPickerMacro` in the object editor. The whole document can also be replaced by the current version by importing the document from the XAR archive of a fixed version as the only changes to the document have been security fixes and small formatting changes.
CVSS Scores
SSVC
- Decision: -
Timeline
- 2022-09-30 CVE Reserved
- 2022-11-23 CVE Published
- 2024-07-14 EPSS Updated
- 2024-08-03 CVE Updated
- 2024-08-03 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')
CAPEC
References (3)
URL | Date | Source
---|---|---
https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-5j7g-cf6r-g2h7 | 2024-08-03 |
https://jira.xwiki.org/browse/XWIKI-19805 | 2024-08-03 |
https://github.com/xwiki/xwiki-platform/commit/47eb8a5fba550f477944eb6da8ca91b87eaf1d01 | 2022-11-30 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status
---|---|---|---|---
Xwiki | Xwiki | > 6.4 < 13.10.7 | - | Affected
Xwiki | Xwiki | >= 14.0.0 < 14.4.2 | - | Affected
Xwiki | Xwiki | 6.4 | milestone2 | Affected
Xwiki | Xwiki | 6.4 | milestone3 | Affected
Xwiki | Xwiki | 14.4.3 | - | Affected
Xwiki | Xwiki | 14.4.4 | - | Affected