CVE-2024-31986
XWiki Platform CSRF remote code execution through scheduler job's document reference
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
XWiki Platform is a generic wiki platform. Starting in version 3.1 and prior to versions 4.10.19, 15.5.4, and 15.10-rc-1, by creating a document with a special crafted documented reference and an `XWiki.SchedulerJobClass` XObject, it is possible to execute arbitrary code on the server whenever an admin visits the scheduler page or the scheduler page is referenced, e.g., via an image in a comment on a page in the wiki. The vulnerability has been fixed in XWiki 14.10.19, 15.5.5, and 15.9. As a workaround, apply the patch manually by modifying the `Scheduler.WebHome` page.
XWiki Platform es una plataforma wiki genérica. A partir de la versión 3.1 y anteriores a las versiones 4.10.19, 15.5.4 y 15.10-rc-1, al crear un documento con una referencia documentada especialmente manipulada y un XObject `XWiki.SchedulerJobClass`, es posible ejecutar código arbitrario en el servidor cada vez que un administrador visita la página del programador o se hace referencia a la página del programador, por ejemplo, a través de una imagen en un comentario en una página de la wiki. La vulnerabilidad se solucionó en XWiki 14.10.19, 15.5.5 y 15.9. Como workaround, aplique el parche manualmente modificando la página `Scheduler.WebHome`.
CVSS Scores
SSVC
- Decision:Attend
Timeline
- 2024-04-08 CVE Reserved
- 2024-04-10 CVE Published
- 2024-04-11 EPSS Updated
- 2024-08-02 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')
- CWE-352: Cross-Site Request Forgery (CSRF)
CAPEC
References (5)
| URL | Tag | Source |
|---|---|---|
| https://github.com/xwiki/xwiki-platform/commit/8a92cb4bef7e5f244ae81eed3e64fe9be95827cf | X_refsource_misc | |
| https://github.com/xwiki/xwiki-platform/commit/efd3570f3e5e944ec0ad0899bf799bf9563aef87 | X_refsource_misc | |
| https://github.com/xwiki/xwiki-platform/commit/f30d9c641750a3f034b5910c6a3a7724ae8f2269 | X_refsource_misc | |
| https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-37m4-hqxv-w26g | X_refsource_confirm | |
| https://jira.xwiki.org/browse/XWIKI-21416 | X_refsource_misc |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Xwiki Search vendor "Xwiki" | Xwiki-platform Search vendor "Xwiki" for product "Xwiki-platform" | >= 3.1.0 < 14.10.19 Search vendor "Xwiki" for product "Xwiki-platform" and version " >= 3.1.0 < 14.10.19" | en |
Affected
| ||||||
| Xwiki Search vendor "Xwiki" | Xwiki-platform Search vendor "Xwiki" for product "Xwiki-platform" | >= 15.0.0 < 15.5.4 Search vendor "Xwiki" for product "Xwiki-platform" and version " >= 15.0.0 < 15.5.4" | en |
Affected
| ||||||
| Xwiki Search vendor "Xwiki" | Xwiki-platform Search vendor "Xwiki" for product "Xwiki-platform" | >= 15.6 < 15.9 Search vendor "Xwiki" for product "Xwiki-platform" and version " >= 15.6 < 15.9" | en |
Affected
| ||||||