cnvd - cnvd-2022-13415

cnvd-2022-13415

Vulnerability from cnvd

Title: Xwiki Platform注入漏洞

Description:

Xwiki Platform是法国Xwiki公司的一套用于创建Web协作应用程序的Wiki平台。

XWiki Platform存在注入漏洞，该漏洞源于wiki宏作者的权限执行内容，而不是以该wiki宏的调用者的权限执行内容。目前没有详细漏洞细节提供。

Severity: 低

Patch Name: Xwiki Platform注入漏洞的补丁

Patch Description:

Xwiki Platform是法国Xwiki公司的一套用于创建Web协作应用程序的Wiki平台。

XWiki Platform存在注入漏洞，该漏洞源于wiki宏作者的权限执行内容，而不是以该wiki宏的调用者的权限执行内容。目前没有详细漏洞细节提供。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

厂商已发布了漏洞修复程序，请及时关注更新： https://jira.xwiki.org/browse/XWIKI-17759

Reference: https://nvd.nist.gov/vuln/detail/CVE-2021-21379

Impacted products

Name
['XWiki XWiki Platform <12.6.3', 'XWiki XWiki Platform <11.10.11', 'XWiki XWiki Platform <12.8-rc-1']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2021-21379",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2021-21379"
    }
  },
  "description": "Xwiki Platform\u662f\u6cd5\u56fdXwiki\u516c\u53f8\u7684\u4e00\u5957\u7528\u4e8e\u521b\u5efaWeb\u534f\u4f5c\u5e94\u7528\u7a0b\u5e8f\u7684Wiki\u5e73\u53f0\u3002\n\nXWiki Platform\u5b58\u5728\u6ce8\u5165\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8ewiki\u5b8f\u4f5c\u8005\u7684\u6743\u9650\u6267\u884c\u5185\u5bb9\uff0c\u800c\u4e0d\u662f\u4ee5\u8be5wiki\u5b8f\u7684\u8c03\u7528\u8005\u7684\u6743\u9650\u6267\u884c\u5185\u5bb9\u3002\u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u6f0f\u6d1e\u7ec6\u8282\u63d0\u4f9b\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://jira.xwiki.org/browse/XWIKI-17759",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2022-13415",
  "openTime": "2022-02-23",
  "patchDescription": "Xwiki Platform\u662f\u6cd5\u56fdXwiki\u516c\u53f8\u7684\u4e00\u5957\u7528\u4e8e\u521b\u5efaWeb\u534f\u4f5c\u5e94\u7528\u7a0b\u5e8f\u7684Wiki\u5e73\u53f0\u3002\r\n\r\nXWiki Platform\u5b58\u5728\u6ce8\u5165\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8ewiki\u5b8f\u4f5c\u8005\u7684\u6743\u9650\u6267\u884c\u5185\u5bb9\uff0c\u800c\u4e0d\u662f\u4ee5\u8be5wiki\u5b8f\u7684\u8c03\u7528\u8005\u7684\u6743\u9650\u6267\u884c\u5185\u5bb9\u3002\u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u6f0f\u6d1e\u7ec6\u8282\u63d0\u4f9b\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Xwiki Platform\u6ce8\u5165\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "XWiki XWiki Platform \u003c12.6.3",
      "XWiki XWiki Platform \u003c11.10.11",
      "XWiki XWiki Platform \u003c12.8-rc-1"
    ]
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2021-21379",
  "serverity": "\u4f4e",
  "submitTime": "2021-03-15",
  "title": "Xwiki Platform\u6ce8\u5165\u6f0f\u6d1e"
}

CVE-2021-21379 (GCVE-0-2021-21379)

Vulnerability from cvelistv5

Published

2021-03-12 17:30

Modified

2024-08-03 18:09

Severity ?

7.7 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N

CWE

CWE-281 - Improper Preservation of Permissions

Summary

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions of XWiki Platform, the `{{wikimacrocontent}}` executes the content with the rights of the wiki macro author instead of the caller of that wiki macro. This makes possible to inject scripts through it and they will be executed with the rights of the wiki macro (very often a user which has Programming rights). Fortunately, no such macro exists by default in XWiki Standard but one could have been created or installed with an extension. This vulnerability has been patched in versions XWiki 12.6.3, 11.10.11 and 12.8-rc-1. There is no easy workaround other than disabling the affected macros. Inserting content in a safe way or knowing what is the user who called the wiki macro is not easy.

References

▼	URL	Tags
	https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-v662-xpcc-9xf6	x_refsource_CONFIRM
	https://jira.xwiki.org/browse/XWIKI-17759	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	xwiki	xwiki-platform	Version: >= 11.4.0, < 11.10.11 Version: >= 12.0.0, < 12.6.3 Version: >= 12.7.0, < 12.8-rc-1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T18:09:15.922Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-v662-xpcc-9xf6"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://jira.xwiki.org/browse/XWIKI-17759"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "xwiki-platform",
          "vendor": "xwiki",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 11.4.0, \u003c 11.10.11"
            },
            {
              "status": "affected",
              "version": "\u003e= 12.0.0, \u003c 12.6.3"
            },
            {
              "status": "affected",
              "version": "\u003e= 12.7.0, \u003c 12.8-rc-1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions of XWiki Platform, the `{{wikimacrocontent}}` executes the content with the rights of the wiki macro author instead of the caller of that wiki macro. This makes possible to inject scripts through it and they will be executed with the rights of the wiki macro (very often a user which has Programming rights). Fortunately, no such macro exists by default in XWiki Standard but one could have been created or installed with an extension. This vulnerability has been patched in versions XWiki 12.6.3, 11.10.11 and 12.8-rc-1. There is no easy workaround other than disabling the affected macros. Inserting content in a safe way or knowing what is the user who called the wiki macro is not easy."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-281",
              "description": "CWE-281 Improper Preservation of Permissions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-03-12T17:30:15",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-v662-xpcc-9xf6"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://jira.xwiki.org/browse/XWIKI-17759"
        }
      ],
      "source": {
        "advisory": "GHSA-v662-xpcc-9xf6",
        "discovery": "UNKNOWN"
      },
      "title": "It\u0027s possible to execute anything with the rights of the author of a macro which uses the {{wikimacrocontent}} macro",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security-advisories@github.com",
          "ID": "CVE-2021-21379",
          "STATE": "PUBLIC",
          "TITLE": "It\u0027s possible to execute anything with the rights of the author of a macro which uses the {{wikimacrocontent}} macro"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "xwiki-platform",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "\u003e= 11.4.0, \u003c 11.10.11"
                          },
                          {
                            "version_value": "\u003e= 12.0.0, \u003c 12.6.3"
                          },
                          {
                            "version_value": "\u003e= 12.7.0, \u003c 12.8-rc-1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "xwiki"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions of XWiki Platform, the `{{wikimacrocontent}}` executes the content with the rights of the wiki macro author instead of the caller of that wiki macro. This makes possible to inject scripts through it and they will be executed with the rights of the wiki macro (very often a user which has Programming rights). Fortunately, no such macro exists by default in XWiki Standard but one could have been created or installed with an extension. This vulnerability has been patched in versions XWiki 12.6.3, 11.10.11 and 12.8-rc-1. There is no easy workaround other than disabling the affected macros. Inserting content in a safe way or knowing what is the user who called the wiki macro is not easy."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-281 Improper Preservation of Permissions"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-v662-xpcc-9xf6",
              "refsource": "CONFIRM",
              "url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-v662-xpcc-9xf6"
            },
            {
              "name": "https://jira.xwiki.org/browse/XWIKI-17759",
              "refsource": "MISC",
              "url": "https://jira.xwiki.org/browse/XWIKI-17759"
            }
          ]
        },
        "source": {
          "advisory": "GHSA-v662-xpcc-9xf6",
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2021-21379",
    "datePublished": "2021-03-12T17:30:15",
    "dateReserved": "2020-12-22T00:00:00",
    "dateUpdated": "2024-08-03T18:09:15.922Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted