Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

Security Advisories: GSA_kwCzR0hTQS04NjkyLWc2ZzktZ201cM4AAx7U

xwiki contains Exposed Dangerous Method or Function

Impact

org.xwiki.store.script.TemporaryAttachmentsScriptService#uploadTemporaryAttachment is returning an instance of com.xpn.xwiki.doc.XWikiAttachment. This class is not supported to be exposed to users without the programing right.
com.xpn.xwiki.api.Attachment should be used instead and takes case of checking the user's rights before performing dangerous operations.

Patches

This has been patched in the version 14.9-rc-1 and 14.4.6.

Workarounds

There's no workaround for this issue.

References

https://jira.xwiki.org/browse/XWIKI-20180

For more information

If you have any questions or comments about this advisory:

Permalink: https://github.com/advisories/GHSA-8692-g6g9-gm5p
JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS04NjkyLWc2ZzktZ201cM4AAx7U
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: almost 2 years ago
Updated: almost 2 years ago


CVSS Score: 6.6
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L

EPSS Percentage: 0.00106
EPSS Percentile: 0.44509

Identifiers: GHSA-8692-g6g9-gm5p, CVE-2023-26478
References: Repository: https://github.com/xwiki/xwiki-platform
Blast Radius: 1.0

Affected Packages

maven:org.xwiki.platform:xwiki-platform-store-filesystem-oldcore
Affected Version Ranges: >= 14.5, < 14.9-rc-1, >= 14.3-rc-1, < 14.4.6
Fixed in: 14.9-rc-1, 14.4.6