Описание
XWiki Platform Attachment UI provides a macro to easily upload and select attachments for XWiki Platform, a generic wiki platform. Starting with version 14.0-rc-1 and prior to 14.4-rc-1, it's possible to store JavaScript in an attachment name, which will be executed by anyone trying to move the corresponding attachment. This issue has been patched in XWiki 14.4-rc-1. As a workaround, one may copy moveStep1.vm to webapp/xwiki/templates/moveStep1.vm and replace vulnerable code with code from the patch.
Ссылки
- PatchThird Party Advisory
- ExploitThird Party Advisory
- ExploitVendor Advisory
- ExploitThird Party Advisory
- PatchThird Party Advisory
- ExploitThird Party Advisory
- ExploitVendor Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 14.0 (включая) до 14.3 (исключая)
cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*
EPSS
Процентиль: 97%
0.44185
Средний
8.9 High
CVSS3
6.1 Medium
CVSS3
Дефекты
CWE-79
CWE-79
Связанные уязвимости
CVSS3: 8.9
github
больше 3 лет назад
XWiki Platform Attachment UI vulnerable to cross-site scripting in the move attachment form
EPSS
Процентиль: 97%
0.44185
Средний
8.9 High
CVSS3
6.1 Medium
CVSS3
Дефекты
CWE-79
CWE-79