XWiki Pre-14.6-rc-1 XSS: Unchecked attributes/links
CVE-2023-32070 Published on May 10, 2023

Improper Neutralization of Script in Attributes in XWiki (X)HTML renderers
XWiki Platform is a generic wiki platform. Prior to version 14.6-rc-1, HTML rendering didn't check for dangerous attributes/attribute values. This allowed cross-site scripting (XSS) attacks via attributes and link URLs, e.g., supported in XWiki syntax. This has been patched in XWiki 14.6-rc-1. There are no known workarounds apart from upgrading to a fixed version.

Github Repository NVD

Vulnerability Analysis

CVE-2023-32070 is exploitable with network access, requires user interaction. This vulnerability is considered to have a low attack complexity. Public availability of a proof of concept (POC) exploit exists for CVE-2023-32070. The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality and integrity, and no impact on availability.

Attack Vector:
NETWORK
Attack Complexity:
LOW
Privileges Required:
NONE
User Interaction:
REQUIRED
Scope:
CHANGED
Confidentiality Impact:
LOW
Integrity Impact:
LOW
Availability Impact:
NONE

Weakness Types

Improper Neutralization of Script in Attributes in a Web Page

The software does not neutralize or incorrectly neutralizes "javascript:" or other URIs from dangerous attributes within tags, such as onmouseover, onload, onerror, or style.

What is a XSS Vulnerability?

The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

CVE-2023-32070 has been classified to as a XSS vulnerability or weakness.


Products Associated with CVE-2023-32070

stack.watch emails you whenever new vulnerabilities are published in Xwiki or Xwiki Rendering. Just hit a watch button to start following.

Xwiki
 
Xwiki Rendering
 

Affected Versions

xwiki-rendering:

Vulnerable Packages

The following package name and versions may be associated with CVE-2023-32070

Package Manager Vulnerable Package Versions Fixed In
maven org.xwiki.rendering:xwiki-rendering-syntax-xhtml < 14.6-rc-1 14.6-rc-1
maven org.xwiki.platform:xwiki-core-rendering-api <= 3.0-milestone-2
maven org.xwiki.rendering:xwiki-rendering-syntax-html < 14.6-rc-1 14.6-rc-1
maven org.xwiki.rendering:xwiki-rendering-syntax-html5 < 14.6-rc-1 14.6-rc-1
maven org.xwiki.rendering:xwiki-rendering-syntax-annotatedxhtml < 14.6-rc-1 14.6-rc-1
maven org.xwiki.rendering:xwiki-rendering-syntax-annotatedhtml5 < 14.6-rc-1 14.6-rc-1
maven org.xwiki.platform:xwiki-platform-annotation-core < 14.6-rc-1 14.6-rc-1

Exploit Probability

EPSS
21.90%
Percentile
95.87%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.