CWE-95
AllowedImproper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')
Abstraction: Variant · Status: Incomplete
The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes code syntax before using the input in a dynamic evaluation call (e.g. "eval").
262 vulnerabilities reference this CWE, most recent first.
GHSA-9893-CG5G-QPVH
Vulnerability from github – Published: 2024-07-18 21:30 – Updated: 2024-08-01 15:32calculator-boilerplate v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the eval function at /routes/calculator.js. This vulnerability allows attackers to execute arbitrary code via a crafted payload injected into the input field.
{
"affected": [],
"aliases": [
"CVE-2024-39173"
],
"database_specific": {
"cwe_ids": [
"CWE-95"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-07-18T20:15:04Z",
"severity": "CRITICAL"
},
"details": "calculator-boilerplate v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the eval function at /routes/calculator.js. This vulnerability allows attackers to execute arbitrary code via a crafted payload injected into the input field.",
"id": "GHSA-9893-cg5g-qpvh",
"modified": "2024-08-01T15:32:05Z",
"published": "2024-07-18T21:30:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39173"
},
{
"type": "WEB",
"url": "http://kropov.com/calculator-boilerplate-cve.txt"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-992C-C9RW-RH86
Vulnerability from github – Published: 2025-08-18 21:31 – Updated: 2025-08-18 21:31TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain an eval injection vulnerability via the eval() function.
{
"affected": [],
"aliases": [
"CVE-2025-55585"
],
"database_specific": {
"cwe_ids": [
"CWE-95"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-08-18T20:15:30Z",
"severity": "MODERATE"
},
"details": "TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain an eval injection vulnerability via the eval() function.",
"id": "GHSA-992c-c9rw-rh86",
"modified": "2025-08-18T21:31:20Z",
"published": "2025-08-18T21:31:20Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55585"
},
{
"type": "WEB",
"url": "https://github.com/goldenGlow21/softwares_PoC/blob/main/A3002R_V4/Eval%20Injection/PoC.md"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-9GFF-5V8W-X922
Vulnerability from github – Published: 2025-02-20 12:31 – Updated: 2025-02-20 20:18A vulnerability, that could result in Remote Code Execution (RCE), has been found in DocsGPT. Due to improper parsing of JSON data using eval() an unauthorized attacker could send arbitrary Python code to be executed via /api/remote endpoint.
This issue affects DocsGPT: from 0.8.1 through 0.12.0.
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "docsgpt"
},
"ranges": [
{
"events": [
{
"introduced": "0.8.1"
},
{
"last_affected": "0.12.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-0868"
],
"database_specific": {
"cwe_ids": [
"CWE-77",
"CWE-95"
],
"github_reviewed": true,
"github_reviewed_at": "2025-02-20T20:18:36Z",
"nvd_published_at": "2025-02-20T12:15:10Z",
"severity": "CRITICAL"
},
"details": "A vulnerability, that could result in Remote Code Execution (RCE), has been found in DocsGPT. Due to improper parsing of JSON data using eval() an unauthorized attacker could send arbitrary Python code to be executed via /api/remote endpoint.\n\nThis issue affects DocsGPT: from 0.8.1 through 0.12.0.",
"id": "GHSA-9gff-5v8w-x922",
"modified": "2025-02-20T20:18:36Z",
"published": "2025-02-20T12:31:15Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0868"
},
{
"type": "WEB",
"url": "https://cert.pl/en/posts/2025/02/CVE-2025-0868"
},
{
"type": "WEB",
"url": "https://cert.pl/posts/2025/02/CVE-2025-0868"
},
{
"type": "WEB",
"url": "https://github.com/arc53/DocsGPT"
},
{
"type": "PACKAGE",
"url": "https://github.com/arc53/docsgpt"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "DocsGPT Allows Remote Code Execution"
}
GHSA-9GQ6-6936-885W
Vulnerability from github – Published: 2024-09-12 15:33 – Updated: 2024-09-16 22:32An arbitrary code execution vulnerability exists in versions 23.12.4.0 up to 24.7.4.1 of the MindsDB platform, when the ChromaDB integration is installed on the server. If a specially crafted ‘INSERT’ query containing Python code is run against a database created with the ChromaDB engine, the code will be passed to an eval function and executed on the server.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "mindsdb"
},
"ranges": [
{
"events": [
{
"introduced": "23.12.4.0"
},
{
"fixed": "24.7.4.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-45848"
],
"database_specific": {
"cwe_ids": [
"CWE-94",
"CWE-95"
],
"github_reviewed": true,
"github_reviewed_at": "2024-09-12T17:03:57Z",
"nvd_published_at": "2024-09-12T13:15:13Z",
"severity": "HIGH"
},
"details": "An arbitrary code execution vulnerability exists in versions 23.12.4.0 up to 24.7.4.1 of the MindsDB platform, when the ChromaDB integration is installed on the server. If a specially crafted \u2018INSERT\u2019 query containing Python code is run against a database created with the ChromaDB engine, the code will be passed to an eval function and executed on the server.",
"id": "GHSA-9gq6-6936-885w",
"modified": "2024-09-16T22:32:50Z",
"published": "2024-09-12T15:33:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45848"
},
{
"type": "WEB",
"url": "https://github.com/mindsdb/mindsdb/commit/11a4db792ad36cf704f7307c7602128b17752c80"
},
{
"type": "PACKAGE",
"url": "https://github.com/mindsdb/mindsdb"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/mindsdb/PYSEC-2024-78.yaml"
},
{
"type": "WEB",
"url": "https://hiddenlayer.com/sai-security-advisory/2024-09-mindsdb"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "MindsDB Eval Injection vulnerability"
}
GHSA-9HGR-QWGW-X8PP
Vulnerability from github – Published: 2026-05-11 18:31 – Updated: 2026-05-12 21:31The flash-attention project thru commit e724e2588cbe754beb97cf7c011b5e7e34119e62 (2025-13-04) contains a code injection vulnerability (CWE-94) in its training script. The script registers the Python eval() function as a Hydra configuration resolver under the name eval. This allows configuration files to execute arbitrary Python code via the ${eval:...} syntax. An attacker can exploit this by providing a malicious configuration file, leading to arbitrary code execution when the training script is run with that configuration.
{
"affected": [],
"aliases": [
"CVE-2026-31254"
],
"database_specific": {
"cwe_ids": [
"CWE-95"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-11T17:16:20Z",
"severity": "HIGH"
},
"details": "The flash-attention project thru commit e724e2588cbe754beb97cf7c011b5e7e34119e62 (2025-13-04) contains a code injection vulnerability (CWE-94) in its training script. The script registers the Python eval() function as a Hydra configuration resolver under the name eval. This allows configuration files to execute arbitrary Python code via the ${eval:...} syntax. An attacker can exploit this by providing a malicious configuration file, leading to arbitrary code execution when the training script is run with that configuration.",
"id": "GHSA-9hgr-qwgw-x8pp",
"modified": "2026-05-12T21:31:32Z",
"published": "2026-05-11T18:31:44Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31254"
},
{
"type": "WEB",
"url": "https://www.notion.so/CVE-2026-31254-35d1e139318881a19003f0d635ff00df"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-9HQH-FMHG-VQ2J
Vulnerability from github – Published: 2022-11-21 22:34 – Updated: 2022-11-21 22:34Impact
Any user with the right to edit his personal page can follow one of the scenario below:
Scenario 1:
- Log in as a simple user with just edit rights on the user profile
- Go to the user's profile
- Upload an attachment in the attachment tab at the bottom of the page (any image is fine)
- Click on "rename" in the attachment list and enter {{async async="true" cached="false" context="doc.reference"}}{{groovy}}println("Hello from groovy!"){{/groovy}}{{/async}}.png as new attachment name and submit the rename
- Go back to the user profile
- Click on the edit icon on the user avatar
- Hello from groovy! is displayed as the title of the attachment
Scenario 2:
- Log in as a simple user with just edit rights on a page
- Create a Page MyPage.WebHome
- Create an XClass field of type String named avatar
- Add an XObject of type MyPage.WebHome on the page
- Insert an attachmentSelector macro in the document with the following values:
- classname: MyPage.WebHome
- property: avatar
- savemode: direct
- displayImage: true
- width: ]] {{async async="true" cached="false" context="doc.reference"}}{{groovy}}println("Hello from groovy!"){{/groovy}}{{/async}}. You'll find below a snippet of an attachmentSelector macro declaration.
- Display the page
- Use the attachment picker to select an image
- Hello from groovy is displayed aside the image
Example of an attachmentSelector macro declaration:
`{{attachmentSelector classname="MyPage.WebHome" property="avatar" savemode="direct" displayImage="true" width="]] {{async async=~"true~" cached=~"false~" context=~"doc.reference~"~}~}{{groovy~}~}println(~"Hello from groovy!~"){{/groovy~}~}{{/async~}~}"/}}`
Note: The issue can also be reproduced by inserting the dangerous payload in the height or alt macro properties.
Patches
The issue can be fixed on a running wiki by updating XWiki.AttachmentSelector with the versions below:
- 14.5-rc-1+: https://github.com/xwiki/xwiki-platform/commit/eb15147adf94bddb92626f862c1710d45bcd64a7#diff-e1513599ab698991f6cbba55d38f3f464432ced8d137a668b1f7618c7e747e23
- 14.4.2+: https://github.com/xwiki/xwiki-platform/commit/c02f8eb1f3c953d124f2c097021536f8bc00fa8d#diff-e1513599ab698991f6cbba55d38f3f464432ced8d137a668b1f7618c7e747e23
- 13.10.7+: https://github.com/xwiki/xwiki-platform/commit/efd0df0468d46149ba68b66660b93f31b6318515#diff-e1513599ab698991f6cbba55d38f3f464432ced8d137a668b1f7618c7e747e23
Workarounds
No known workaround.
References
- https://jira.xwiki.org/browse/XWIKI-19800
For more information
If you have any questions or comments about this advisory: - Open an issue in Jira XWiki.org - Email us at Security Mailing List
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.xwiki.platform:xwiki-platform-attachment-ui"
},
"ranges": [
{
"events": [
{
"introduced": "5.0-milestone-1"
},
{
"fixed": "13.10.7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.xwiki.platform:xwiki-platform-attachment-ui"
},
"ranges": [
{
"events": [
{
"introduced": "14.0.0"
},
{
"fixed": "14.4.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2022-41928"
],
"database_specific": {
"cwe_ids": [
"CWE-95"
],
"github_reviewed": true,
"github_reviewed_at": "2022-11-21T22:34:57Z",
"nvd_published_at": "2022-11-23T19:15:00Z",
"severity": "CRITICAL"
},
"details": "### Impact\nAny user with the right to edit his personal page can follow one of the scenario below:\n\n**Scenario 1**:\n- Log in as a simple user with just edit rights on the user profile\n- Go to the user\u0027s profile\n- Upload an attachment in the attachment tab at the bottom of the page (any image is fine)\n- Click on \"rename\" in the attachment list and enter `{{async async=\"true\" cached=\"false\" context=\"doc.reference\"}}{{groovy}}println(\"Hello from groovy!\"){{/groovy}}{{/async}}.png` as new attachment name and submit the rename\n- Go back to the user profile\n- Click on the edit icon on the user avatar\n- `Hello from groovy!` is displayed as the title of the attachment\n\n**Scenario 2**:\n- Log in as a simple user with just edit rights on a page\n- Create a Page `MyPage.WebHome`\n- Create an XClass field of type String named `avatar`\n- Add an XObject of type `MyPage.WebHome` on the page\n- Insert an `attachmentSelector` macro in the document with the following values:\n - **classname**: `MyPage.WebHome`\n - **property**: `avatar`\n - **savemode**: `direct`\n - **displayImage**: `true`\n - **width**: `]] {{async async=\"true\" cached=\"false\" context=\"doc.reference\"}}{{groovy}}println(\"Hello from groovy!\"){{/groovy}}{{/async}}`. You\u0027ll find below a snippet of an `attachmentSelector` macro declaration.\n- Display the page\n- Use the attachment picker to select an image\n- `Hello from groovy` is displayed aside the image\n\nExample of an `attachmentSelector` macro declaration:\n```\n`{{attachmentSelector classname=\"MyPage.WebHome\" property=\"avatar\" savemode=\"direct\" displayImage=\"true\" width=\"]] {{async async=~\"true~\" cached=~\"false~\" context=~\"doc.reference~\"~}~}{{groovy~}~}println(~\"Hello from groovy!~\"){{/groovy~}~}{{/async~}~}\"/}}`\n```\n\n**Note**: The issue can also be reproduced by inserting the dangerous payload in the `height` or `alt` macro properties.\n\n### Patches\nThe issue can be fixed on a running wiki by updating `XWiki.AttachmentSelector` with the versions below:\n\n- 14.5-rc-1+: https://github.com/xwiki/xwiki-platform/commit/eb15147adf94bddb92626f862c1710d45bcd64a7#diff-e1513599ab698991f6cbba55d38f3f464432ced8d137a668b1f7618c7e747e23\n- 14.4.2+: https://github.com/xwiki/xwiki-platform/commit/c02f8eb1f3c953d124f2c097021536f8bc00fa8d#diff-e1513599ab698991f6cbba55d38f3f464432ced8d137a668b1f7618c7e747e23\n- 13.10.7+: https://github.com/xwiki/xwiki-platform/commit/efd0df0468d46149ba68b66660b93f31b6318515#diff-e1513599ab698991f6cbba55d38f3f464432ced8d137a668b1f7618c7e747e23\n\n### Workarounds\nNo known workaround.\n\n### References\n- https://jira.xwiki.org/browse/XWIKI-19800\n\n### For more information\nIf you have any questions or comments about this advisory:\n- Open an issue in [Jira XWiki.org](https://jira.xwiki.org/)\n- Email us at [Security Mailing List](mailto:security@xwiki.org)\n",
"id": "GHSA-9hqh-fmhg-vq2j",
"modified": "2022-11-21T22:34:57Z",
"published": "2022-11-21T22:34:57Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-9hqh-fmhg-vq2j"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41928"
},
{
"type": "PACKAGE",
"url": "https://github.com/xwiki/xwiki-platform"
},
{
"type": "WEB",
"url": "https://jira.xwiki.org/browse/XWIKI-19800"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Improper Neutralization of Directives in Dynamically Evaluated Code (\u0027Eval Injection\u0027) in AttachmentSelector.xml"
}
GHSA-9JPV-C7P4-997X
Vulnerability from github – Published: 2026-07-13 17:20 – Updated: 2026-07-13 17:20Summary
An remote code execution vulnerability exists in RequestManager due to the use of eval on untrusted input that allows any authenticated user to run code/commands on the DIRAC server as the system user running the DIRAC services.
Details
The export_getRequestCountersWeb function is callable by any authenticated user and just passes its parameters directly to the database instance: https://github.com/DIRACGrid/DIRAC/blob/f7e0a3ac153315030fb3520e8ca747f013758967/src/DIRAC/RequestManagementSystem/Service/ReqManagerHandler.py#L270
If the groupingAttribute string is unrecognised, Request. is prepended to it and the result is passed into an eval() call:
https://github.com/DIRACGrid/DIRAC/blob/f7e0a3ac153315030fb3520e8ca747f013758967/src/DIRAC/RequestManagementSystem/DB/RequestDB.py#L766-L776
By passing in a dunder string that is applicable to the Request object, it's possible to work back up to functions in the os module and trigger them to be called in the server context.
There are other uses of eval in ReqManager/RequestDB which may be equally accessible.
Impact
This allows any authenticated user to run commands on the server, which allows a full compromise of the DIRAC system (they can read the local dirac.cfg, get database passwords and export all stored proxies and tokens). If local logging is used, they can also remove evidence of the exploit from the log (it leaves an exception printout in the RequestManager log when used).
Patched versions:
https://pypi.org/project/DIRAC/8.0.79/ https://pypi.org/project/DIRAC/9.0.22/ https://pypi.org/project/DIRAC/9.1.10/
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "DIRAC"
},
"ranges": [
{
"events": [
{
"introduced": "6"
},
{
"fixed": "8.0.79"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "DIRAC"
},
"ranges": [
{
"events": [
{
"introduced": "8.1.0a1"
},
{
"fixed": "9.0.22"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "DIRAC"
},
"ranges": [
{
"events": [
{
"introduced": "9.1.0"
},
{
"fixed": "9.1.10"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-45579"
],
"database_specific": {
"cwe_ids": [
"CWE-95"
],
"github_reviewed": true,
"github_reviewed_at": "2026-07-13T17:20:18Z",
"nvd_published_at": null,
"severity": "CRITICAL"
},
"details": "### Summary\nAn remote code execution vulnerability exists in RequestManager due to the use of eval on untrusted input that allows any authenticated user to run code/commands on the DIRAC server as the system user running the DIRAC services.\n\n### Details\nThe export_getRequestCountersWeb function is callable by any authenticated user and just passes its parameters directly to the database instance:\nhttps://github.com/DIRACGrid/DIRAC/blob/f7e0a3ac153315030fb3520e8ca747f013758967/src/DIRAC/RequestManagementSystem/Service/ReqManagerHandler.py#L270\n\nIf the groupingAttribute string is unrecognised, `Request.` is prepended to it and the result is passed into an `eval()` call:\nhttps://github.com/DIRACGrid/DIRAC/blob/f7e0a3ac153315030fb3520e8ca747f013758967/src/DIRAC/RequestManagementSystem/DB/RequestDB.py#L766-L776\n\nBy passing in a dunder string that is applicable to the Request object, it\u0027s possible to work back up to functions in the os module and trigger them to be called in the server context.\n\nThere are other uses of eval in ReqManager/RequestDB which may be equally accessible.\n\n### Impact\nThis allows any authenticated user to run commands on the server, which allows a full compromise of the DIRAC system (they can read the local dirac.cfg, get database passwords and export all stored proxies and tokens). If local logging is used, they can also remove evidence of the exploit from the log (it leaves an exception printout in the RequestManager log when used).\n\n### Patched versions:\nhttps://pypi.org/project/DIRAC/8.0.79/\nhttps://pypi.org/project/DIRAC/9.0.22/\nhttps://pypi.org/project/DIRAC/9.1.10/",
"id": "GHSA-9jpv-c7p4-997x",
"modified": "2026-07-13T17:20:19Z",
"published": "2026-07-13T17:20:18Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/DIRACGrid/DIRAC/security/advisories/GHSA-9jpv-c7p4-997x"
},
{
"type": "PACKAGE",
"url": "https://github.com/DIRACGrid/DIRAC"
},
{
"type": "WEB",
"url": "https://pypi.org/project/DIRAC/8.0.79"
},
{
"type": "WEB",
"url": "https://pypi.org/project/DIRAC/9.0.22"
},
{
"type": "WEB",
"url": "https://pypi.org/project/DIRAC/9.1.10"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "DIRAC is vulnerable to RCE in RequestManager due to eval on untrusted input"
}
GHSA-9PC2-X9QF-7J2Q
Vulnerability from github – Published: 2023-04-12 20:35 – Updated: 2023-04-16 07:16Impact
Any user with view rights on commonly accessible documents including the legacy notification activity macro can execute arbitrary Groovy, Python or Velocity code in XWiki leading to full access to the XWiki installation. The root cause is improper escaping of the macro parameters of the legacy notification activity macro. This macro is installed by default in XWiki.
A proof of concept exploit is
{{activity wikis="~" /~}~} {{async async=~"true~" cached=~"false~" context=~"doc.reference~"~}~}{{groovy~}~}println(~"Hello from Groovy!~"){{/groovy~}~}"/}}
If the output of this macro is
The [notifications] macro is a standalone macro and it cannot be used inline. Click on this message for details.
Hello from Groovy!" displayMinorEvents="false" displayRSSLink="false" /}}
or similar, the XWiki installation is vulnerable. The vulnerability can be exploited via every wiki page that is editable including the user's profile, but also with just view rights using the HTMLConverter that is part of the CKEditor integration which is bundled with XWiki.
Patches
The vulnerability has been patched in XWiki 13.10.11, 14.4.7 and 14.10.
Workarounds
The issue can be fixed by replacing the code of the legacy notification activity macro by the patched version. Alternatively, if the macro isn't used, the document XWiki.Notifications.Code.Legacy.ActivityMacro can also be completely deleted.
References
- https://github.com/xwiki/xwiki-platform/commit/94392490884635c028199275db059a4f471e57bc
- https://jira.xwiki.org/browse/XWIKI-20258
For more information
If you have any questions or comments about this advisory: * Open an issue in Jira XWiki.org * Email us at Security Mailing List
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.xwiki.platform:xwiki-platform-legacy-notification-activitymacro"
},
"ranges": [
{
"events": [
{
"introduced": "10.9"
},
{
"fixed": "13.10.11"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.xwiki.platform:xwiki-platform-legacy-notification-activitymacro"
},
"ranges": [
{
"events": [
{
"introduced": "14.0-rc-1"
},
{
"fixed": "14.4.7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.xwiki.platform:xwiki-platform-legacy-notification-activitymacro"
},
"ranges": [
{
"events": [
{
"introduced": "14.5"
},
{
"fixed": "14.10"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2023-29209"
],
"database_specific": {
"cwe_ids": [
"CWE-94",
"CWE-95"
],
"github_reviewed": true,
"github_reviewed_at": "2023-04-12T20:35:03Z",
"nvd_published_at": "2023-04-15T17:15:00Z",
"severity": "CRITICAL"
},
"details": "### Impact\n\nAny user with view rights on commonly accessible documents including the legacy notification activity macro can execute arbitrary Groovy, Python or Velocity code in XWiki leading to full access to the XWiki installation. The root cause is improper escaping of the macro parameters of the [legacy notification activity macro](https://extensions.xwiki.org/xwiki/bin/view/Extension/Legacy%20Notification%20Activity%20Macro/). This macro is installed by default in XWiki.\n\nA proof of concept exploit is\n\n```\n{{activity wikis=\"~\" /~}~} {{async async=~\"true~\" cached=~\"false~\" context=~\"doc.reference~\"~}~}{{groovy~}~}println(~\"Hello from Groovy!~\"){{/groovy~}~}\"/}}\n```\n\nIf the output of this macro is\n```\nThe [notifications] macro is a standalone macro and it cannot be used inline. Click on this message for details.\nHello from Groovy!\" displayMinorEvents=\"false\" displayRSSLink=\"false\" /}}\n```\nor similar, the XWiki installation is vulnerable. The vulnerability can be exploited via every wiki page that is editable including the user\u0027s profile, but also with just view rights using the HTMLConverter that is part of the [CKEditor integration](https://extensions.xwiki.org/xwiki/bin/view/Extension/CKEditor%20Integration/) which is bundled with XWiki.\n\n### Patches\nThe vulnerability has been patched in XWiki 13.10.11, 14.4.7 and 14.10.\n\n### Workarounds\nThe issue can be fixed by replacing the code of the legacy notification activity macro by the [patched version](https://github.com/xwiki/xwiki-platform/commit/94392490884635c028199275db059a4f471e57bc). Alternatively, if the macro isn\u0027t used, the document `XWiki.Notifications.Code.Legacy.ActivityMacro` can also be completely deleted.\n\n### References\n* https://github.com/xwiki/xwiki-platform/commit/94392490884635c028199275db059a4f471e57bc\n* https://jira.xwiki.org/browse/XWIKI-20258\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Open an issue in [Jira XWiki.org](https://jira.xwiki.org/)\n* Email us at [Security Mailing List](mailto:security@xwiki.org)\n",
"id": "GHSA-9pc2-x9qf-7j2q",
"modified": "2023-04-16T07:16:33Z",
"published": "2023-04-12T20:35:03Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-9pc2-x9qf-7j2q"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29209"
},
{
"type": "WEB",
"url": "https://github.com/xwiki/xwiki-platform/commit/94392490884635c028199275db059a4f471e57bc"
},
{
"type": "PACKAGE",
"url": "https://github.com/xwiki/xwiki-platform"
},
{
"type": "WEB",
"url": "https://jira.xwiki.org/browse/XWIKI-20258"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "org.xwiki.platform:xwiki-platform-legacy-notification-activitymacro Eval Injection vulnerability"
}
GHSA-9XC6-C2RM-F27P
Vulnerability from github – Published: 2025-12-10 15:47 – Updated: 2025-12-11 15:48Impact
Any user who can edit their own user profile or any other document can execute arbitrary script macros including Groovy and Python macros that allow remote code execution including unrestricted read and write access to all wiki contents. The reason is that rendering output is included as content of HTML macros with insufficient escaping, and it is thus possible to close the HTML macro and inject script macros that are executed with programming rights. To demonstrate, the content {{html}}{{/html {{/html}}}} can be inserted into any field of the user profile that supports wiki syntax like the "About" field. If this leads to the display of raw HTML, the instance is vulnerable.
Patches
This problem has been patched by extending the escaping introduced by XRENDERING-693 to also cover closing HTML macros that have spaces after the macro name in XWiki 16.10.10, 17.4.3 and 17.6.0RC1. A similar fix has been applied in org.xwiki.platform:xwiki-platform-oldcore as an extra safety net, see XWIKI-23378. At this point, we're not aware that this extra safety net would be required for security.
The patch also fixes the injection of opening HTML macro syntaxes, e.g., with {{html}}{{html{{/html}}}} which disrupts the rendering of the user profile but for which we haven't found any further security impact apart from the disruption of the UI.
Workarounds
We're not aware of any workarounds except for upgrading the affected module to a version with a fix.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.xwiki.rendering:xwiki-rendering-xml"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "16.10.10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.xwiki.rendering:xwiki-rendering-xml"
},
"ranges": [
{
"events": [
{
"introduced": "17.0.0-rc-1"
},
{
"fixed": "17.4.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.xwiki.rendering:xwiki-rendering-xml"
},
"ranges": [
{
"events": [
{
"introduced": "17.5.0-rc-1"
},
{
"fixed": "17.6.0-rc-1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-66474"
],
"database_specific": {
"cwe_ids": [
"CWE-94",
"CWE-95"
],
"github_reviewed": true,
"github_reviewed_at": "2025-12-10T15:47:12Z",
"nvd_published_at": "2025-12-10T22:16:28Z",
"severity": "HIGH"
},
"details": "### Impact\nAny user who can edit their own user profile or any other document can execute arbitrary script macros including Groovy and Python macros that allow remote code execution including unrestricted read and write access to all wiki contents. The reason is that rendering output is included as content of HTML macros with insufficient escaping, and it is thus possible to close the HTML macro and inject script macros that are executed with programming rights. To demonstrate, the content `{{html}}{{/html {{/html}}}}` can be inserted into any field of the user profile that supports wiki syntax like the \"About\" field. If this leads to the display of raw HTML, the instance is vulnerable.\n\n### Patches\nThis problem has been patched by extending the escaping introduced by [XRENDERING-693](https://jira.xwiki.org/browse/XRENDERING-693) to also cover closing HTML macros that have spaces after the macro name in XWiki 16.10.10, 17.4.3 and 17.6.0RC1. A [similar fix](https://github.com/xwiki/xwiki-platform/commit/12b780ccd5bca5fc8f74f46648d7e02fa04fbc11) has been applied in `org.xwiki.platform:xwiki-platform-oldcore` as an extra safety net, see [XWIKI-23378](https://jira.xwiki.org/browse/XWIKI-23378). At this point, we\u0027re not aware that this extra safety net would be required for security.\n\nThe patch also fixes the injection of opening HTML macro syntaxes, e.g., with `{{html}}{{html{{/html}}}}` which disrupts the rendering of the user profile but for which we haven\u0027t found any further security impact apart from the disruption of the UI.\n\n### Workarounds\nWe\u0027re not aware of any workarounds except for upgrading the affected module to a version with a fix.",
"id": "GHSA-9xc6-c2rm-f27p",
"modified": "2025-12-11T15:48:01Z",
"published": "2025-12-10T15:47:12Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/xwiki/xwiki-rendering/security/advisories/GHSA-9xc6-c2rm-f27p"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66474"
},
{
"type": "WEB",
"url": "https://github.com/xwiki/xwiki-platform/commit/12b780ccd5bca5fc8f74f46648d7e02fa04fbc11"
},
{
"type": "WEB",
"url": "https://github.com/xwiki/xwiki-rendering/commit/9b71a2ee035815cfc29cebbfe81dbdd98f941d49"
},
{
"type": "PACKAGE",
"url": "https://github.com/xwiki/xwiki-rendering"
},
{
"type": "WEB",
"url": "https://jira.xwiki.org/browse/XRENDERING-693"
},
{
"type": "WEB",
"url": "https://jira.xwiki.org/browse/XRENDERING-792"
},
{
"type": "WEB",
"url": "https://jira.xwiki.org/browse/XRENDERING-793"
},
{
"type": "WEB",
"url": "https://jira.xwiki.org/browse/XWIKI-23378"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "XWiki vulnerable to remote code execution through insufficient protection against {{/html}} injection"
}
GHSA-C5F4-P5WV-2475
Vulnerability from github – Published: 2023-04-12 20:35 – Updated: 2023-04-26 20:33Impact
Any user with edit rights can execute arbitrary Groovy, Python or Velocity code in XWiki leading to full access to the XWiki installation. The root cause is improper escaping of the included pages in the included documents edit panel.
A proof of concept exploit is to edit a document and add the following code before saving.
{{display reference="{{cache~}~}{{groovy~}~}println(~"Hello from Groovy~" + ~" in included document!~"){{/groovy~}~}{{/cache~}~}"/}}
expected The right had side panels contain:
One included page:
{{cache}}{{groovy}}println("Hello from Groovy" + " in included document!"){{/groovy}}{{/cache}}
actual The right had side panels contain:
One included page:
XWiki.Hello from Groovy in included document!
Patches
The problem has been patched on XWiki 14.4.7, and 14.10.
Workarounds
The issue can be fixed manually applying this patch.
References
- https://github.com/xwiki/xwiki-platform/commit/22f249a0eb9f2a64214628217e812a994419b69f#diff-a51a252f0190274464027342b4e3eafc4ae32de4d9c17ef166e54fc5454c5689R214-R217
- https://jira.xwiki.org/browse/XWIKI-20293
For more information
If you have any questions or comments about this advisory:
- Open an issue in Jira XWiki.org
- Email us at Security Mailing List
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.xwiki.platform:xwiki-platform-panels-ui"
},
"ranges": [
{
"events": [
{
"introduced": "14.0-rc-1"
},
{
"fixed": "14.4.7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.xwiki.platform:xwiki-platform-panels-ui"
},
"ranges": [
{
"events": [
{
"introduced": "14.5"
},
{
"fixed": "14.10"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2023-29212"
],
"database_specific": {
"cwe_ids": [
"CWE-94",
"CWE-95"
],
"github_reviewed": true,
"github_reviewed_at": "2023-04-12T20:35:37Z",
"nvd_published_at": "2023-04-16T07:15:00Z",
"severity": "CRITICAL"
},
"details": "### Impact\nAny user with edit rights can execute arbitrary Groovy, Python or Velocity code in XWiki leading to full access to the XWiki installation. The root cause is improper escaping of the included pages in the included documents edit panel.\n\nA proof of concept exploit is to edit a document and add the following code before saving.\n\n```\n{{display reference=\"{{cache~}~}{{groovy~}~}println(~\"Hello from Groovy~\" + ~\" in included document!~\"){{/groovy~}~}{{/cache~}~}\"/}}\n```\n\n**expected**\nThe right had side panels contain:\n```\nOne included page: \n{{cache}}{{groovy}}println(\"Hello from Groovy\" + \" in included document!\"){{/groovy}}{{/cache}}\n```\n\n**actual**\nThe right had side panels contain:\n```\nOne included page:\n XWiki.Hello from Groovy in included document!\n```\n\n### Patches\nThe problem has been patched on XWiki 14.4.7, and 14.10.\n\n### Workarounds\nThe issue can be fixed manually applying this [patch](https://github.com/xwiki/xwiki-platform/commit/22f249a0eb9f2a64214628217e812a994419b69f#diff-a51a252f0190274464027342b4e3eafc4ae32de4d9c17ef166e54fc5454c5689R214-R217).\n\n### References\n- https://github.com/xwiki/xwiki-platform/commit/22f249a0eb9f2a64214628217e812a994419b69f#diff-a51a252f0190274464027342b4e3eafc4ae32de4d9c17ef166e54fc5454c5689R214-R217\n- https://jira.xwiki.org/browse/XWIKI-20293\n\n### For more information\nIf you have any questions or comments about this advisory:\n\n* Open an issue in [Jira XWiki.org](https://jira.xwiki.org/)\n* Email us at [Security Mailing List](mailto:security@xwiki.org)\n",
"id": "GHSA-c5f4-p5wv-2475",
"modified": "2023-04-26T20:33:28Z",
"published": "2023-04-12T20:35:37Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-c5f4-p5wv-2475"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29212"
},
{
"type": "WEB",
"url": "https://github.com/xwiki/xwiki-platform/commit/22f249a0eb9f2a64214628217e812a994419b69f#diff-a51a252f0190274464027342b4e3eafc4ae32de4d9c17ef166e54fc5454c5689R214-R217"
},
{
"type": "PACKAGE",
"url": "https://github.com/xwiki/xwiki-platform"
},
{
"type": "WEB",
"url": "https://jira.xwiki.org/browse/XWIKI-20293"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "xwiki.platform:xwiki-platform-panels-ui Eval Injection vulnerability"
}
Mitigation
Strategy: Refactoring
If possible, refactor your code so that it does not need to use eval() at all.
Mitigation MIT-5
Strategy: Input Validation
- Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does.
- When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if the input is only expected to contain colors such as "red" or "blue."
- Do not rely exclusively on looking for malicious or malformed inputs. This is likely to miss at least one undesirable input, especially if the code's environment changes. This can give attackers enough room to bypass the intended validation. However, denylists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.
Mitigation
- Inputs should be decoded and canonicalized to the application's current internal representation before being validated (CWE-180, CWE-181). Make sure that your application does not inadvertently decode the same input twice (CWE-174). Such errors could be used to bypass allowlist schemes by introducing dangerous inputs after they have been checked. Use libraries such as the OWASP ESAPI Canonicalization control.
- Consider performing repeated canonicalization until your input does not change any more. This will avoid double-decoding and similar scenarios, but it might inadvertently modify inputs that are allowed to contain properly-encoded dangerous content.
Mitigation
For Python programs, it is frequently encouraged to use the ast.literal_eval() function instead of eval, since it is intentionally designed to avoid executing code. However, an adversary could still cause excessive memory or stack consumption via deeply nested structures [REF-1372], so the python documentation discourages use of ast.literal_eval() on untrusted data [REF-1373].
CAPEC-35: Leverage Executable Code in Non-Executable Files
An attack of this type exploits a system's trust in configuration and resource files. When the executable loads the resource (such as an image file or configuration file) the attacker has modified the file to either execute malicious code directly or manipulate the target process (e.g. application server) to execute based on the malicious configuration parameters. Since systems are increasingly interrelated mashing up resources from local and remote sources the possibility of this attack occurring is high.