漏洞标题
通过XWiki平台内容菜单中的revision参数反射的跨站脚本漏洞
漏洞描述信息
## 漏洞概述
XWiki Platform 中存在一个反射型跨站脚本(RXSS)漏洞,通过未经过滤的 `rev` 参数在内容菜单中被利用。攻击者可以通过构造带有恶意参数的链接欺骗用户访问,进而以用户身份执行任意动作,包括远程代码(Groovy)执行。
## 影响版本
- XWiki 15.6 RC1
- XWiki 15.5.1
- XWiki 14.10.14
## 漏洞细节
- 漏洞由未过滤的 `rev` 参数引起,攻击者可以构造恶意链接并欺骗用户访问。
- 如果用户具有编程权限,可实现远程代码(Groovy)执行。
- 漏洞细节已修复,修复补丁在 commit `04e325d57`,可手动应用补丁,而无需升级或重启实例。
## 影响
- 攻击者可以执行任意操作,危及整个 XWiki 安装的机密性、完整性和可用性。
- 建议用户升级或手动应用补丁,目前没有已知的解决方法。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:H
漏洞类别
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
漏洞标题
Reflected Cross-site scripting through revision parameter in content menu in XWiki Platform
漏洞描述信息
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. XWiki is vulnerable to reflected cross-site scripting (RXSS) via the `rev` parameter that is used in the content of the content menu without escaping. If an attacker can convince a user to visit a link with a crafted parameter, this allows the attacker to execute arbitrary actions in the name of the user, including remote code (Groovy) execution in the case of a user with programming right, compromising the confidentiality, integrity and availability of the whole XWiki installation. This has been patched in XWiki 15.6 RC1, 15.5.1 and 14.10.14. The patch in commit `04e325d57` can be manually applied without upgrading (or restarting) the instance. Users are advised to upgrade or to manually apply the patch. There are no known workarounds for this vulnerability.
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
漏洞类别
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
漏洞标题
XWiki Platform 跨站脚本漏洞
漏洞描述信息
XWiki Platform是法国XWiki基金会的一套用于创建Web协作应用程序的Wiki平台。 XWiki Platform存在跨站脚本漏洞。攻击者利用该漏洞诱使用户访问带有特制参数的链接,从而以用户的名义执行任意操作,包括执行远程代码(Groovy)。
CVSS信息
N/A
漏洞类别
跨站脚本