Vulnerability Description
XWiki Commons are technical libraries common to several other top level XWiki projects. Any user with view rights `WikiManager.DeleteWiki` can execute arbitrary Groovy, Python or Velocity code in XWiki leading to full access to the XWiki installation. The root cause is improper escaping of the `wikiId` url parameter. The problem has been patched on XWiki 13.10.11, 14.4.7, and 14.10.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Xwiki | Xwiki | < 13.10.11 |
Related Weaknesses (CWE)
References
- https://github.com/xwiki/xwiki-platform/commit/ba4c76265b0b8a5e2218be400d18f0839Patch
- https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-w7v9-fc49-4qg4ExploitPatchVendor Advisory
- https://jira.xwiki.org/browse/XWIKI-20297ExploitIssue Tracking
- https://github.com/xwiki/xwiki-platform/commit/ba4c76265b0b8a5e2218be400d18f0839Patch
- https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-w7v9-fc49-4qg4ExploitPatchVendor Advisory
- https://jira.xwiki.org/browse/XWIKI-20297ExploitIssue Tracking
FAQ
What is CVE-2023-29211?
CVE-2023-29211 is a vulnerability with a CVSS score of 9.9 (CRITICAL). XWiki Commons are technical libraries common to several other top level XWiki projects. Any user with view rights `WikiManager.DeleteWiki` can execute arbitrary Groovy, Python or Velocity code in XWik...
How severe is CVE-2023-29211?
CVE-2023-29211 has been rated CRITICAL with a CVSS base score of 9.9/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2023-29211?
Check the references section above for vendor advisories and patch information. Affected products include: Xwiki Xwiki.