Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS04NjkyLWc2ZzktZ201cM4AAx7U
xwiki contains Exposed Dangerous Method or Function
Impact
org.xwiki.store.script.TemporaryAttachmentsScriptService#uploadTemporaryAttachment is returning an instance of com.xpn.xwiki.doc.XWikiAttachment. This class is not supported to be exposed to users without the programing right.
com.xpn.xwiki.api.Attachment should be used instead and takes case of checking the user's rights before performing dangerous operations.
Patches
This has been patched in the version 14.9-rc-1 and 14.4.6.
Workarounds
There's no workaround for this issue.
References
https://jira.xwiki.org/browse/XWIKI-20180
For more information
If you have any questions or comments about this advisory:
- Open an issue in JIRA
- Email us at security ML
JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS04NjkyLWc2ZzktZ201cM4AAx7U
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: about 1 year ago
Updated: about 1 year ago
CVSS Score: 6.6
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L
Identifiers: GHSA-8692-g6g9-gm5p, CVE-2023-26478
References:
- https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-8692-g6g9-gm5p
- https://nvd.nist.gov/vuln/detail/CVE-2023-26478
- https://github.com/xwiki/xwiki-platform/commit/3c73c59e39b6436b1074d8834cf276916010014d
- https://jira.xwiki.org/browse/XWIKI-20180
- https://github.com/advisories/GHSA-8692-g6g9-gm5p
Blast Radius: 1.0
Affected Packages
maven:org.xwiki.platform:xwiki-platform-store-filesystem-oldcore
Affected Version Ranges: >= 14.5, < 14.9-rc-1, >= 14.3-rc-1, < 14.4.6Fixed in: 14.9-rc-1, 14.4.6