Vulnerability Details : CVE-2023-26475
XWiki Platform is a generic wiki platform. Starting in version 2.3-milestone-1, the annotation displayer does not execute annotation content in a restricted context. Any user allowed to annotate a document can therefore have arbitrary content executed with the rights of that document's author, simply by adding an annotation to it. This has been patched in XWiki 13.10.11, 14.4.7 and 14.10. There is no easy workaround except to upgrade.
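The description above is the whole of the mechanism the page gives: untrusted annotation text is rendered in the same privileged context as the document itself. The following Python model is an added illustration of that bug class, not XWiki code and not taken from the advisory or the fix commit. It models a wiki renderer whose script macros run with the rights of whoever owns the rendering context, then shows the unsafe annotation displayer (annotation rendered in the document author's unrestricted context) beside the hardened one (annotation rendered in a restricted context that refuses script macros outright). The macro syntax, class names, right names and the sample annotation are all invented for the example.

```python
"""Toy model of the privilege-context error behind CVE-2023-26475 (illustrative, not XWiki code)."""
import re
from dataclasses import dataclass, replace

# Invented macro syntax: {{name}}body{{/name}}. Script macros are the dangerous ones.
MACRO_RE = re.compile(r"\{\{(\w+)\}\}(.*?)\{\{/\1\}\}", re.DOTALL)
SCRIPT_MACROS = {"velocity", "groovy"}


@dataclass(frozen=True)
class RenderContext:
    author: str             # whose rights the rendered content runs with
    has_script_right: bool  # whether that author may run script macros
    restricted: bool        # restricted mode: script macros are never executed


def run_script(macro: str, body: str, ctx: RenderContext) -> str:
    # Stand-in for a script engine: record what would run and as whom, execute nothing.
    return f"[executed {macro} as {ctx.author}: {body.strip()!r}]"


def render(content: str, ctx: RenderContext) -> str:
    """Render wiki content under ctx; script macros need an unrestricted context and the script right."""
    def expand(m: re.Match) -> str:
        macro, body = m.group(1), m.group(2)
        if macro not in SCRIPT_MACROS:
            return body  # non-script macro: keep its body as plain content
        if ctx.restricted:
            # Restricted context: refused regardless of how privileged the author is.
            return f"[macro {macro} refused: restricted context]"
        if not ctx.has_script_right:
            return f"[macro {macro} refused: {ctx.author} lacks script right]"
        return run_script(macro, body, ctx)
    return MACRO_RE.sub(expand, content)


def display_annotation_vulnerable(annotation: str, doc_ctx: RenderContext) -> str:
    # Bug: text written by anyone with comment/annotate rights is rendered in the
    # document author's own, unrestricted context, so it inherits the author's script right.
    return render(annotation, doc_ctx)


def display_annotation_fixed(annotation: str, doc_ctx: RenderContext) -> str:
    # Fix: untrusted sub-content gets a restricted copy of the context, so no script
    # macro can run no matter whose rights the surrounding document carries.
    return render(annotation, replace(doc_ctx, restricted=True))


# Constructed sample: the document author is an admin with the script right, and a
# low-privileged user posts an annotation that smuggles in a script macro.
ADMIN_CTX = RenderContext(author="Admin", has_script_right=True, restricted=False)
PAYLOAD = "Nice page! {{groovy}}println(System.getProperty('user.name')){{/groovy}}"

if __name__ == "__main__":
    print("vulnerable:", display_annotation_vulnerable(PAYLOAD, ADMIN_CTX))
    print("fixed:     ", display_annotation_fixed(PAYLOAD, ADMIN_CTX))
```

The point of the model is that the fix is not a content filter: the restricted flag belongs to the rendering context, so it holds for every macro and every author, which is what "execute the content in a restricted context" in the description refers to.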
Products affected by CVE-2023-26475
- cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*
- cpe:2.3:a:xwiki:xwiki:2.3:milestone1:*:*:*:*:*:*
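The CPE entries above carry no version bounds, so they are of little use for triage on their own. The following Python helper is an added example, not from the page or the vendor, that encodes the affected range exactly as the description states it: affected from 2.3-milestone-1, fixed in 13.10.11, 14.4.7 and 14.10. Because only those three fix versions are listed, releases between the branches (for example 14.5 through 14.9) are reported as vulnerable. Treating milestone and rc builds as preceding the final release of the same number is an assumption made to stay conservative.

```python
"""Branch-aware version check for CVE-2023-26475 (added example; ranges taken from the CVE description)."""
import re

# Accepts "13.10.11", "14.10", "2.3-milestone-1", "14.10-rc-1" and similar forms.
VERSION_RE = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?(?:[-.]?([A-Za-z].*))?$")


def parse_version(v: str) -> tuple:
    """Return (major, minor, patch, is_prerelease); '2.3-milestone-1' -> (2, 3, 0, True)."""
    m = VERSION_RE.match(v.strip())
    if not m:
        raise ValueError(f"unrecognised XWiki version string: {v!r}")
    major, minor, patch, qualifier = m.groups()
    return int(major), int(minor), int(patch or 0), qualifier is not None


def is_vulnerable(v: str) -> bool:
    """True if the given XWiki version falls in the affected range from the CVE description."""
    major, minor, patch, pre = parse_version(v)
    if (major, minor) < (2, 3):
        return False  # predates the affected annotation displayer
    # Assumption: a pre-release (milestone/rc) of a fix version is not yet fixed.
    if (major, minor, patch) >= (14, 10, 0) and not pre:
        return False  # 14.10 and everything after it
    if (major, minor) == (13, 10) and patch >= 11:
        return False  # 13.10.x maintenance branch, fixed from 13.10.11
    if (major, minor) == (14, 4) and patch >= 7:
        return False  # 14.4.x maintenance branch, fixed from 14.4.7
    return True       # includes 2.3-milestone-1 .. 13.10.10, 14.0 .. 14.4.6, 14.5 .. 14.9


def triage(versions: list) -> dict:
    """Map each version string to 'vulnerable' or 'fixed' for a fleet inventory."""
    return {v: ("vulnerable" if is_vulnerable(v) else "fixed") for v in versions}


if __name__ == "__main__":
    # Constructed inventory; not real deployment data.
    for v, state in triage(["13.10.10", "13.10.11", "14.4.7", "14.6.0", "14.10", "14.10-rc-1"]).items():
        print(f"{v:12} {state}")
```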
Exploit prediction scoring system (EPSS) score for CVE-2023-26475
EPSS score: 0.36% (probability of exploitation activity in the next 30 days)
EPSS percentile: ~72% (the proportion of vulnerabilities scored at or below this one)
CVSS scores for CVE-2023-26475
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen
---|---|---|---|---|---|---
8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 | NIST |
9.9 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | 3.1 | 6.0 | GitHub, Inc. |
The two vectors differ only in Scope (S:U versus S:C): GitHub rates the impact as reaching beyond the vulnerable component, which lifts the score from 8.8 to 9.9; both agree the attacker needs only low privileges (PR:L) and no user interaction.
CWE ids for CVE-2023-26475
- The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor. Assigned by: nvd@nist.gov (Primary); security-advisories@github.com (Secondary)
- The product does not properly manage privileges while it is switching between different contexts that have different privileges or spheres of control. Assigned by: security-advisories@github.com (Secondary)
References for CVE-2023-26475
- https://jira.xwiki.org/browse/XWIKI-20360 : [XWIKI-20360] RCE in Annotations - XWiki.org JIRA (Exploit; Issue Tracking; Patch; Vendor Advisory)
- https://github.com/xwiki/xwiki-platform/commit/d87d7bfd8db18c20d3264f98c6deefeae93b99f7 : XWIKI-20384: Use the new textarea restricted setup in comments · xwiki/xwiki-platform@d87d7bf · GitHub (Patch)
- https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-h6f5-8jj5-cxhr : RCE in Annotations · Advisory · xwiki/xwiki-platform · GitHub (Exploit; Vendor Advisory)
- https://jira.xwiki.org/browse/XWIKI-20384 : [XWIKI-20384] Use the new textarea restricted setup in comments - XWiki.org JIRA (Issue Tracking; Patch; Vendor Advisory)