org.xwiki.platform:xwiki-platform-wiki-ui-mainwiki Eval Injection vulnerability
GHSA-w7v9-fc49-4qg4 · CVE-2023-29211
Description
Impact
Any user with view rights on the WikiManager.DeleteWiki page can execute arbitrary Groovy, Python or Velocity code in XWiki, leading to full access to the XWiki installation. The root cause is improper escaping of the wikiId URL parameter.
A proof of concept exploit is to open
Patches
The problem has been patched in XWiki 13.10.11, 14.4.7, and 14.10.
Workarounds
The issue can be fixed manually by applying the patch from the commit linked under References.
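As an added triage example (not part of this advisory and not XWiki's own code), the Python below does two things a practitioner usually wants after reading the Impact and Patches sections: it compares an installed XWiki version with the fixed versions named above (13.10.11, 14.4.7, 14.10) and it scans access-log lines for requests to the WikiManager.DeleteWiki page whose wikiId parameter carries XWiki script-macro syntax. Assumptions, none of which the advisory states: the page is served at /<context>/bin/view/WikiManager/DeleteWiki (XWiki's standard URL scheme); injected code arrives as {{groovy}}, {{python}} or {{velocity}} macro markup, which is how those three languages are run from wiki content (the advisory names the languages, not the exact payload); releases before 13.x are treated as affected and releases after 14.10 as fixed; and the log lines are constructed for the example.

```python
"""Triage helpers for CVE-2023-29211 (GHSA-w7v9-fc49-4qg4).

is_patched()          -- compares an XWiki version string with the fixed
                         versions named in the advisory (13.10.11, 14.4.7, 14.10).
suspicious_requests() -- scans access-log lines for requests to the
                         WikiManager.DeleteWiki page whose wikiId parameter
                         carries XWiki script-macro syntax.
"""
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Fixed versions as stated in the advisory, one per maintenance branch.
FIXED_13X = (13, 10, 11)
FIXED_14_4 = (14, 4, 7)
FIXED_14_10 = (14, 10, 0)

_VERSION_RE = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?(-[A-Za-z].*)?$")


def is_patched(version: str) -> bool:
    """Return True when `version` carries the fix for this advisory.

    Assumptions (not on the advisory page): releases before 13.x are treated
    as affected because no fix is listed for them, releases after 14.10 are
    treated as fixed, and a pre-release suffix such as "-rc-1" ranks below
    the final release of the same number.
    """
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised XWiki version: {version!r}")
    major, minor = int(m.group(1)), int(m.group(2))
    patch = int(m.group(3) or 0)
    prerelease = m.group(4) is not None
    key = (major, minor, patch)

    def at_least(fixed):
        # A pre-release of exactly the fixed number predates the fix.
        return key > fixed or (key == fixed and not prerelease)

    if major == 13:
        return at_least(FIXED_13X)
    if major == 14 and minor == 4:
        return at_least(FIXED_14_4)      # 14.4.x maintenance branch
    if major == 14:
        return at_least(FIXED_14_10)     # 14.0-14.3 and 14.5-14.9 have no fix
    return major > 14


# Constructed sample log lines (NCSA combined style); not from a real incident.
# Assumed path: an XWiki page Space.Page is served at /<context>/bin/view/Space/Page.
SAMPLE_LOG = [
    '203.0.113.5 - - [10/Apr/2023:12:00:01 +0000] "GET /xwiki/bin/view/WikiManager/DeleteWiki'
    '?wikiId=%7B%7Bgroovy%7D%7Dprintln%28%22probe%22%29%7B%7B%2Fgroovy%7D%7D HTTP/1.1" 200 5120',
    '198.51.100.7 - - [10/Apr/2023:12:00:02 +0000] "GET /xwiki/bin/view/WikiManager/DeleteWiki'
    '?wikiId=sandbox HTTP/1.1" 200 4870',
    # Double URL-encoded braces: after one decode the value still reads %7B%7B.
    '203.0.113.9 - - [10/Apr/2023:12:00:03 +0000] "GET /xwiki/bin/view/WikiManager/DeleteWiki'
    '?wikiId=%257B%257Bvelocity%257D%257D%257B%257B%252Fvelocity%257D%257D HTTP/1.1" 200 5120',
    '192.0.2.4 - - [10/Apr/2023:12:00:04 +0000] "GET /xwiki/bin/view/Main/WebHome HTTP/1.1" 200 9001',
]

_REQUEST_RE = re.compile(r'"(?:GET|POST)\s+(\S+)\s+HTTP/')
# XWiki macro syntax is {{name ...}}; the advisory names Groovy, Python and
# Velocity as the languages an attacker can run, which map onto these macros.
_SCRIPT_MACRO_RE = re.compile(r"\{\{\s*(groovy|python|velocity)\b", re.IGNORECASE)


def suspicious_requests(lines):
    """Return (client_ip, decoded_wikiId) for DeleteWiki requests whose wikiId
    contains wiki-macro syntax. parse_qs decodes once; a second unquote pass
    catches double-encoded values."""
    hits = []
    for line in lines:
        m = _REQUEST_RE.search(line)
        if not m:
            continue
        url = urlsplit(m.group(1))
        if not url.path.endswith("/WikiManager/DeleteWiki"):
            continue
        client_ip = line.split(" ", 1)[0]
        for raw in parse_qs(url.query).get("wikiId", []):
            decoded = unquote(raw)
            if "{{" in decoded or _SCRIPT_MACRO_RE.search(decoded):
                hits.append((client_ip, decoded))
    return hits


if __name__ == "__main__":
    for v in ("13.10.10", "13.10.11", "14.4.7", "14.9.2", "14.10"):
        print(f"{v:>9}: {'patched' if is_patched(v) else 'AFFECTED'}")
    for ip, wiki_id in suspicious_requests(SAMPLE_LOG):
        print(f"{ip}: {wiki_id}")
```

The version check deliberately treats 14.5 through 14.9 as affected: those releases sit between the 14.4.x maintenance branch and 14.10, and the advisory lists no fix for them. The log scan keys on macro syntax rather than on a specific payload, so it also flags probes that use a macro the advisory does not name; review hits by hand, since a legitimate wiki identifier will not contain {{.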
If you have any questions or comments about this advisory:
- Open an issue in Jira XWiki.org
- Email us at the Security Mailing List
References
- WEB https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-w7v9-fc49-4qg4
- ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2023-29211
- WEB https://github.com/xwiki/xwiki-platform/commit/ba4c76265b0b8a5e2218be400d18f08393fe1428#diff-64f39f5f2cc8c6560a44e21a5cfd509ef00e8a2157cd9847c9940a2e08ea43d1R63-R64
- PACKAGE https://github.com/xwiki/xwiki-platform
- WEB https://jira.xwiki.org/browse/XWIKI-20297