Description
XWiki Platform vulnerable to privilege escalation (PR) from an account through the Like LiveTableResults page
Impact
Any logged-in user can add dangerous content in their first name field and see it executed with programming rights, leading to rights escalation.
Patches
The vulnerability has been fixed in XWiki 14.4.8, 14.10.6, and 15.1.
Workarounds
The vulnerability can be fixed by applying the patch linked under References.
On versions before 13.4-rc-1, the fix needs to be applied to the page XWiki.Like.Code.LiveTableResultPage.
References
- The reported issue https://jira.xwiki.org/browse/XWIKI-20611, fixed by https://jira.xwiki.org/browse/XWIKI-19900
- The patch https://github.com/xwiki/xwiki-platform/commit/6ce2d04a5779e07f6d3ed3f37d4761049b4fc3ac#diff-ef7f8b911bb8e584fda22aac5876a329add35ca0d1d32e0fdb62a439b78cfa49
For more information
If you have any questions or comments about this advisory:
- Open an issue in Jira XWiki.org
- Email us at Security Mailing List
Links
- https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-rf8j-q39g-7xfm
- https://nvd.nist.gov/vuln/detail/CVE-2023-35152
- https://github.com/xwiki/xwiki-platform/commit/0993a7ab3c102f9ac37ffe361a83a3dc302c0e45#diff-0b51114cb27f7a5c599cf40c59d658eae6ddc5c0836532c3b35e163f40a4854fR39
- https://github.com/xwiki/xwiki-platform/commit/6ce2d04a5779e07f6d3ed3f37d4761049b4fc3ac#diff-ef7f8b911bb8e584fda22aac5876a329add35ca0d1d32e0fdb62a439b78cfa49
- https://jira.xwiki.org/browse/XWIKI-19900
- https://jira.xwiki.org/browse/XWIKI-20611
Packages
org.xwiki.platform:xwiki-platform-like-ui: affected >= 12.9-rc-1, < 14.4.8; patched in 14.4.8
org.xwiki.platform:xwiki-platform-like-ui: affected >= 14.5, < 14.10.6; patched in 14.10.6
org.xwiki.platform:xwiki-platform-like-ui: affected >= 15.0-rc-1, < 15.1; patched in 15.1
Related vulnerabilities
XWiki Platform is a generic wiki platform. Starting in version 12.9-rc-1 and prior to versions 14.4.8, 14.10.6, and 15.1, any logged-in user can add dangerous content in their first name field and see it executed with programming rights, leading to rights escalation. The vulnerability has been fixed in XWiki 14.4.8, 14.10.6, and 15.1. As a workaround, one may apply the patch manually.
A vulnerability in the XWiki Platform collaborative web application platform, related to improper neutralization of directives in dynamically evaluated code, allowing an attacker to escalate their privileges.