CVE-2023-29204

EUVD-2023-1434
XWiki Commons are technical libraries common to several other top level XWiki projects. It is possible to bypass the existing security measures put in place to avoid open redirect by using a redirect such as `//mydomain.com` (i.e. omitting the `http:`). It was also possible to bypass it when using URL such as `http:/mydomain.com`. The problem has been patched on XWiki 13.10.10, 14.4.4 and 14.8RC1.
Open Redirect
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.7 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N
GitHub_MCNA
4.7 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 92%
Affected Products (NVD)
VendorProductVersion
xwikixwiki
6.0 ≤
𝑥
< 13.10.10
xwikixwiki
14.4.0 ≤
𝑥
< 14.4.4
xwikixwiki
14.5 ≤
𝑥
≤ 14.7
xwikixwiki
6.0:rc1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/xwiki/xwiki-platform/commit/e4f7f68e93cb08c25632c126356d218abf192d1e#diff-c445f288d5d63424f56ef13f65514ab4e174a72e979b53b88197c2b7def267cf
https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-xwph-x6xj-wggv
https://jira.xwiki.org/browse/XWIKI-10309
https://jira.xwiki.org/browse/XWIKI-19994
https://github.com/xwiki/xwiki-platform/commit/e4f7f68e93cb08c25632c126356d218abf192d1e#diff-c445f288d5d63424f56ef13f65514ab4e174a72e979b53b88197c2b7def267cf
https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-xwph-x6xj-wggv
https://jira.xwiki.org/browse/XWIKI-10309
https://jira.xwiki.org/browse/XWIKI-19994