Change Request Application vulnerable to XSS and remote code execution through change request title
Description
Change Request is an application allowing users to request changes on a wiki without publishing the changes directly. Starting in version 0.11 and prior to version 1.9.2, a user without any specific right can perform script injection and remote code execution just by inserting an appropriate title when creating a new change request. This vulnerability is particularly critical because change requests are meant to be created by users without any particular rights. The vulnerability has been fixed in Change Request 1.9.2. It is possible to work around the issue without upgrading by editing the document ChangeRequest.Code.ChangeRequestSheet and applying the same change as in the fix commit.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| org.xwiki.contrib.changerequest:application-changerequest-ui (Maven) | >= 0.11, < 1.9.2 | 1.9.2 |
Affected products
- Range: >= 0.11, < 1.9.2
Patches
Fixed in Change Request 1.9.2 (commit 7565e720117f73102f5a276239eabfe85e15cff4 in xwiki-contrib/application-changerequest, tracked as CRAPP-298). Installations that cannot upgrade can apply the same change by hand to the wiki document ChangeRequest.Code.ChangeRequestSheet.
Vulnerability mechanics
The title of a change request is entirely user-controlled, and creating a change request requires no special right. The sheet document ChangeRequest.Code.ChangeRequestSheet renders that title, so a title carrying script or markup is evaluated in the sheet's rendering context instead of being shown as literal text. That gives cross-site scripting in the browser of anyone viewing the change request and, because the injected content is rendered server-side by the wiki, remote code execution on the XWiki instance. The fix changes how the sheet renders the title.
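The advisory gives the shape of the bug (a user-controlled title reaching the sheet's renderer) but no payload or fix detail. The following Python script is an added example, not code from the advisory or from the Change Request project. It shows the two things a practitioner wants after reading the description: a scan of existing change-request titles for the XWiki macro syntax or raw HTML a payload would need, and an escape of a title for literal display using the documented `~` escape character of XWiki 2.x syntax. The sample titles are constructed, and the macro list, the regexes and the escape function are this example's own assumptions; they do not reproduce the change made in the fix commit.

```python
import re

# Constructed for this added example: change-request titles as they might be
# exported from a wiki, two of them carrying the kind of payload the advisory
# describes (a server-side script macro and raw HTML). They only do harm when a
# sheet renders the title unescaped.
SAMPLE_TITLES = [
    "Fix typo in Main.WebHome",
    "{{groovy}}println(new File('/etc/hostname').text){{/groovy}}",
    "Update {{html}}<img src=x onerror=alert(document.cookie)>{{/html}}",
    "Literal braces: use {{code}}...{{/code}} in docs",
]

# Assumption of this example: macros whose body is executed server-side
# (groovy, velocity, python, php, script) or emitted verbatim to the browser
# (html). A title that opens one of them is the signature of an RCE/XSS attempt.
DANGEROUS_MACROS = frozenset({"groovy", "velocity", "python", "php", "script", "html"})

# "{{name" opens an XWiki 2.x macro; "{{/name" closes one and is not counted.
MACRO_OPEN_RE = re.compile(r"\{\{\s*([A-Za-z][\w-]*)")
# Tags that carry script or event handlers once raw HTML reaches the page.
HTML_TAG_RE = re.compile(r"<\s*(script|img|svg|iframe|object|embed|a)\b", re.IGNORECASE)


def classify_title(title):
    """Return findings for one title; an empty list means nothing suspicious."""
    findings = []
    for match in MACRO_OPEN_RE.finditer(title):
        name = match.group(1).lower()
        if name in DANGEROUS_MACROS:
            findings.append("macro:" + name)
    if HTML_TAG_RE.search(title):
        findings.append("html-tag")
    return findings


def scan_titles(titles):
    """Map each suspicious title to its findings; clean titles are omitted."""
    return {t: f for t in titles if (f := classify_title(t))}


def escape_xwiki_syntax(title):
    """Neutralise macro syntax in text that must be displayed literally.

    XWiki 2.x syntax uses '~' as its escape character: a '~' before a
    syntax-significant character makes the renderer treat it as plain text.
    Escaping '{', '}' and '~' itself is enough to stop a title from opening
    or closing a macro. This is an illustration, not the fix commit's change.
    """
    return "".join("~" + ch if ch in "{}~" else ch for ch in title)


if __name__ == "__main__":
    for title, findings in scan_titles(SAMPLE_TITLES).items():
        print(f"SUSPICIOUS {findings}: {title!r}")
        print(f"  safe for display: {escape_xwiki_syntax(title)!r}")
```

Run it over a dump of existing change-request titles before and after upgrading: the scan tells you whether the window between 0.11 and 1.9.2 was actually used against the wiki, while the escape shows the property the sheet must have, namely that a title is rendered as text and never as markup.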
References
- github.com/advisories/GHSA-f776-w9v2-7vfj (GitHub advisory)
- nvd.nist.gov/vuln/detail/CVE-2023-45138 (NVD)
- github.com/xwiki-contrib/application-changerequest/commit/7565e720117f73102f5a276239eabfe85e15cff4 (fix commit)
- github.com/xwiki-contrib/application-changerequest/security/advisories/GHSA-f776-w9v2-7vfj (project security advisory)
- jira.xwiki.org/browse/CRAPP-298 (issue tracker)