← volver
CVE-2023-46731

Remote code execution through the section parameter in Administration as guest in XWiki Platform

CVSS 10 CRITICALEPSS 88.5%CWE-94CWE-95
En resumen

XWiki Platform no escapa correctamente el parámetro section en su interfaz de administración, permitiendo que cualquier persona con acceso de lectura (incluidos usuarios no autenticados) ejecute código arbitrario, incluyendo Groovy, comprometiendo toda la seguridad del wiki.

Detalle técnico

La vulnerabilidad resulta de la validación y escape inadecuados del parámetro URL section en XWiki.AdminSheet, explotable mediante solicitudes HTTP GET/POST no autenticadas por usuarios con acceso de lectura predeterminado. Los atacantes pueden inyectar código Groovy que se ejecuta en el servidor con privilegios completos de la plataforma, afectando confidencialidad, integridad y disponibilidad de la instancia XWiki.

Resumen generado y traducido por IA a partir de la descripción oficial.
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. XWiki doesn't properly escape the section URL parameter that is used in the code for displaying administration sections. This allows any user with read access to the document `XWiki.AdminSheet` (by default, everyone including unauthenticated users) to execute code including Groovy code. This impacts the confidentiality, integrity and availability of the whole XWiki instance. This vulnerability has been patched in XWiki 14.10.14, 15.6 RC1 and 15.5.1. Users are advised to upgrade. Users unablr to upgrade may apply the fix in commit `fec8e0e53f9` manually. Alternatively, to protect against attacks from unauthenticated users, view right for guests can be removed from this document (it is only needed for space and wiki admins).
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Productos afectados
xwiki · xwiki-platform

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://github.com/xwiki/xwiki-platform/commit/fec8e0e53f9fa2c3f1e568cc15b0e972727c803ahttps://github.com/xwiki/xwiki-platform/commit/fec8e0e53f9fa2c3f1e568cc15b0e972727c803a#diff-6271f9be501f30b2ba55459eb451aee3413d34171ba8198a77c865306d174e23https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-62pr-qqf7-hh89https://jira.xwiki.org/browse/XWIKI-21110