Multiple vulnerabilities in XWiki platform
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 5 |
| CVE-ID | CVE-2023-50723 CVE-2023-50720 CVE-2023-50721 CVE-2023-50719 CVE-2023-50722 |
| CWE-ID | CWE-94 CWE-200 CWE-79 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
XWiki platform Web applications / CMS |
| Vendor | XWiki |
Security Bulletin
This security bulletin contains information about 5 vulnerabilities.
1) Code Injection
EUVDB-ID: #VU84516
Risk: Medium
CVSSv4.0: 6.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-50723
CWE-ID:
CWE-94 - Improper Control of Generation of Code ('Code Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to improper input validation. A remote user with ability to edit a wiki page can inject and and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsXWiki platform: 2.3-milestone-1 - 15.5.1
CPE2.3- cpe:2.3:a:xwiki:xwiki-platform:2.3-milestone-1:*:*:*:*:*:*:*
- cpe:2.3:a:xwiki:xwiki-platform:3.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:xwiki:xwiki-platform:3.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:xwiki:xwiki-platform:3.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:xwiki:xwiki-platform:3.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:xwiki:xwiki-platform:3.4:*:*:*:*:*:*:*
- cpe:2.3:a:xwiki:xwiki-platform:3.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:xwiki:xwiki-platform:4.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:xwiki:xwiki-platform:4.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:xwiki:xwiki-platform:4.2:*:*:*:*:*:*:*
https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-qj86-p74r-7wp5
https://github.com/xwiki/xwiki-platform/commit/0f367aaae4e0696f61cf5a67a75edd27d1d16db6
https://github.com/xwiki/xwiki-platform/commit/1157c1ecea395aac7f64cd8a6f484b1225416dc7
https://github.com/xwiki/xwiki-platform/commit/749f6aee1bfbcf191c3734ea0aa9eba3aa63240e
https://github.com/xwiki/xwiki-platform/commit/bd82be936c21b65dee367d558e3050b9b6995713
https://jira.xwiki.org/browse/XWIKI-21121
https://jira.xwiki.org/browse/XWIKI-21122
https://jira.xwiki.org/browse/XWIKI-21194
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Information disclosure
EUVDB-ID: #VU84515
Risk: Low
CVSSv4.0: 1.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-50720
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote user to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output by the Solr-based search in XWiki. A remote user can obtain email addresses of other web application users even when obfuscation of email addresses is enabled.
MitigationInstall updates from vendor's website.
Vulnerable software versionsXWiki platform: - - 15.5.1
CPE2.3- cpe:2.3:a:xwiki:xwiki-platform:15.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:xwiki:xwiki-platform:4.3.1:*:*:*:*:*:*:*
https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-2grh-gr37-2283
https://github.com/xwiki/xwiki-platform/commit/3e5272f2ef0dff06a8f4db10afd1949b2f9e6eea
https://jira.xwiki.org/browse/XWIKI-20371
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Code Injection
EUVDB-ID: #VU84514
Risk: Low
CVSSv4.0: 6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-50721
CWE-ID:
CWE-94 - Improper Control of Generation of Code ('Code Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to improper input validation within the search administration interface. A remote privileged user can send a specially crafted request and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsXWiki platform: 4.5 - 15.5.1
CPE2.3- cpe:2.3:a:xwiki:xwiki-platform:4.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:xwiki:xwiki-platform:5.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:xwiki:xwiki-platform:5.1:*:*:*:*:*:*:*
- cpe:2.3:a:xwiki:xwiki-platform:5.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:xwiki:xwiki-platform:5.3:*:*:*:*:*:*:*
- cpe:2.3:a:xwiki:xwiki-platform:5.4.7:*:*:*:*:*:*:*
- cpe:2.3:a:xwiki:xwiki-platform:6.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:xwiki:xwiki-platform:6.1:*:*:*:*:*:*:*
- cpe:2.3:a:xwiki:xwiki-platform:6.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:xwiki:xwiki-platform:6.3:rc-1:*:*:*:*:*:*
https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-7654-vfh6-rw6x
https://github.com/xwiki/xwiki-platform/commit/62863736d78ffd60d822279c5fb7fb9593042766
https://jira.xwiki.org/browse/XWIKI-21200
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Information disclosure
EUVDB-ID: #VU84504
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-50719
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to the Solr-based search in XWiki discloses the password hashes of all users to anyone with view right on the respective user profiles. A remote attacker can gain unauthorized access to sensitive information.
MitigationInstall updates from vendor's website.
Vulnerable software versionsXWiki platform: 7.2 - 15.5.1
CPE2.3- cpe:2.3:a:xwiki:xwiki-platform:7.2:*:*:*:*:*:*:*
- cpe:2.3:a:xwiki:xwiki-platform:7.3:*:*:*:*:*:*:*
- cpe:2.3:a:xwiki:xwiki-platform:7.4.6:*:*:*:*:*:*:*
- cpe:2.3:a:xwiki:xwiki-platform:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:xwiki:xwiki-platform:8.1:*:*:*:*:*:*:*
- cpe:2.3:a:xwiki:xwiki-platform:8.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:xwiki:xwiki-platform:8.3:rc-1:*:*:*:*:*:*
- cpe:2.3:a:xwiki:xwiki-platform:8.4.6:*:*:*:*:*:*:*
- cpe:2.3:a:xwiki:xwiki-platform:9.0:*:*:*:*:*:*:*
- cpe:2.3:a:xwiki:xwiki-platform:9.11.9:*:*:*:*:*:*:*
https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-p6cp-6r35-32mh
https://github.com/xwiki/xwiki-platform/commit/3e5272f2ef0dff06a8f4db10afd1949b2f9e6eea
https://jira.xwiki.org/browse/XWIKI-21208
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Cross-site scripting
EUVDB-ID: #VU84502
Risk: Medium
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-50722
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data in in XWiki.ConfigurableClass. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationInstall update from vendor's website.
Vulnerable software versionsXWiki platform: 2.3-milestone-1 - 15.5.1
CPE2.3 External linkshttps://github.com/xwiki/xwiki-platform/security/advisories/GHSA-cp3j-273x-3jxc
https://github.com/xwiki/xwiki-platform/commit/5e14c8d08fd0c5b619833d35090b470aa4cb52b0
https://jira.xwiki.org/browse/XWIKI-21167
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
