Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2024-55663

UNKNOWN
Published 2024-12-12T18:53:49.491Z
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2024-55663. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

XWiki Platform is a generic wiki platform. Starting in version 6.3-milestone-2 and prior to versions 13.10.5 and 14.3-rc-1, in `getdocument.vm`; the ordering of the returned documents is defined from an unsanitized request parameter (request.sort) and can allow any user to inject HQL. Depending on the used database backend, the attacker may be able to not only obtain confidential information such as password hashes from the database, but also execute UPDATE/INSERT/DELETE queries. This has been patched in 13.10.5 and 14.3-rc-1. There is no known workaround, other than upgrading XWiki.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

xwiki

xwiki-platform

Affected Versions:

>= 6.3-milestone-2, < 13.10.5 >= 14.0-rc-1, < 14.3-rc-1

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

✓ GitHub Reviewed HIGH

XWiki Platform has an SQL injection in getdocuments.vm with sort parameter

GHSA-wh34-m772-5398

Advisory Details

### Impact In `getdocument.vm` ; the ordering of the returned documents is defined from an unsanitized request parameter (request.sort) and can allow any user to inject HQL. Depending on the used database backend, the attacker may be able to not only obtain confidential information such as password hashes from the database, but also execute UPDATE/INSERT/DELETE queries. It's possible to employ database backend dependent techniques of breaking out of HQL query context, described, for example, here: https://www.sonarsource.com/blog/exploiting-hibernate-injections. ### Patches This has been patched in 13.10.5 and 14.3-rc-1. ### Workarounds There is no known workaround, other than upgrading XWiki. ### References https://jira.xwiki.org/browse/XWIKI-17568 ### For more information If you have any questions or comments about this advisory: * Open an issue in [Jira XWiki.org](https://jira.xwiki.org/) * Email us at [Security Mailing List](mailto:[email protected])

Affected Packages

Maven org.xwiki.platform:xwiki-platform-distribution-war
ECOSYSTEM: ≥6.3-milestone-2 <13.10.5
Maven org.xwiki.platform:xwiki-platform-distribution-war
ECOSYSTEM: ≥14.0-rc-1 <14.3-rc-1

CVSS Scoring

CVSS Score

7.5

CVSS Vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

References

WEB https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-wh34-m772-5398
ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2024-55663
WEB https://github.com/xwiki/xwiki-platform/commit/673076e2e8b88a36cdeaf7007843aa9ca1a068a0
PACKAGE https://github.com/xwiki/xwiki-platform
WEB https://jira.xwiki.org/browse/XWIKI-17568

Advisory provided by GitHub Security Advisory Database. Published: December 12, 2024, Modified: December 16, 2024

References

https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-wh34-m772-5398
https://github.com/xwiki/xwiki-platform/commit/673076e2e8b88a36cdeaf7007843aa9ca1a068a0
https://jira.xwiki.org/browse/XWIKI-17568
Published: 2024-12-12T18:53:49.491Z
Last Modified: 2024-12-16T18:08:43.496Z
Copied to clipboard!