VYPR

CWE-95

Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')

VariantIncompleteLikelihood: Medium

Description

The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes code syntax before using the input in a dynamic evaluation call (e.g. "eval").

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-35

CVEs mapped to this weakness (115)

page 6 of 6
  • CVE-2023-29509Apr 16, 2023
    risk 0.00cvss epss 0.76

    XWiki Commons are technical libraries common to several other top level XWiki projects. Any user with view rights on commonly accessible documents can execute arbitrary Groovy, Python or Velocity code in XWiki leading to full access to the XWiki installation. The root cause is…

  • CVE-2023-29214Apr 16, 2023
    risk 0.00cvss epss 0.01

    XWiki Commons are technical libraries common to several other top level XWiki projects. Any user with edit rights can execute arbitrary Groovy, Python or Velocity code in XWiki leading to full access to the XWiki installation. The root cause is improper escaping of the included…

  • CVE-2023-29212Apr 16, 2023
    risk 0.00cvss epss 0.01

    XWiki Commons are technical libraries common to several other top level XWiki projects. Any user with edit rights can execute arbitrary Groovy, Python or Velocity code in XWiki leading to full access to the XWiki installation. The root cause is improper escaping of the included…

  • CVE-2023-29211Apr 16, 2023
    risk 0.00cvss epss 0.01

    XWiki Commons are technical libraries common to several other top level XWiki projects. Any user with view rights `WikiManager.DeleteWiki` can execute arbitrary Groovy, Python or Velocity code in XWiki leading to full access to the XWiki installation. The root cause is improper…

  • CVE-2023-29210Apr 15, 2023
    risk 0.00cvss epss 0.01

    XWiki Commons are technical libraries common to several other top level XWiki projects. Any user with view rights on commonly accessible documents including the notification preferences macros can execute arbitrary Groovy, Python or Velocity code in XWiki leading to full access…

  • CVE-2023-29209Apr 15, 2023
    risk 0.00cvss epss 0.01

    XWiki Commons are technical libraries common to several other top level XWiki projects. Any user with view rights on commonly accessible documents including the legacy notification activity macro can execute arbitrary Groovy, Python or Velocity code in XWiki leading to full…

  • CVE-2023-26477Mar 2, 2023
    risk 0.00cvss epss 0.75

    XWiki Platform is a generic wiki platform. Starting in versions 6.3-rc-1 and 6.2.4, it's possible to inject arbitrary wiki syntax including Groovy, Python and Velocity script macros via the `newThemeName` request parameter (URL parameter), in combination with additional…

  • CVE-2022-41931Nov 23, 2022
    risk 0.00cvss epss 0.01

    xwiki-platform-icon-ui is vulnerable to Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection'). Any user with view rights on commonly accessible documents including the icon picker macro can execute arbitrary Groovy, Python or Velocity code in…

  • CVE-2022-41928Nov 23, 2022
    risk 0.00cvss epss 0.01

    XWiki Platform vulnerable to Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') in AttachmentSelector.xml. The issue can also be reproduced by inserting the dangerous payload in the `height` or `alt` macro properties. This has been patched in…

  • CVE-2022-36100Sep 8, 2022
    risk 0.00cvss epss 0.74

    XWiki Platform Applications Tag and XWiki Platform Tag UI are tag applications for XWiki, a generic wiki platform. Starting with version 1.7 in XWiki Platform Applications Tag and prior to 13.10.6 and 14.4 in XWiki Platform Tag UI, the tags document `Main.Tags` in XWiki didn't…

  • CVE-2022-36099Sep 8, 2022
    risk 0.00cvss epss 0.76

    XWiki Platform Wiki UI Main Wiki is software for managing subwikis on XWiki Platform, a generic wiki platform. Starting with version 5.3-milestone-2 and prior to versions 13.10.6 and 14.4, it's possible to inject arbitrary wiki syntax including Groovy, Python and Velocity script…

  • CVE-2022-36010Aug 15, 2022
    risk 0.00cvss epss 0.01

    This library allows strings to be parsed as functions and stored as a specialized component, [`JsonFunctionValue`](https://github.com/oxyno-zeta/react-editable-json-tree/blob/09a0ca97835b0834ad054563e2fddc6f22bc5d8c/src/components/JsonFunctionValue.js). To do this, Javascript's…

  • CVE-2022-31181Aug 1, 2022
    risk 0.00cvss epss 0.05

    PrestaShop is an Open Source e-commerce platform. In versions from 1.6.0.10 and before 1.7.8.7 PrestaShop is subject to an SQL injection vulnerability which can be chained to call PHP's Eval function on attacker input. The problem is fixed in version 1.7.8.7. Users are advised…

  • CVE-2020-5256Mar 9, 2020
    risk 0.00cvss epss 0.02

    BookStack before version 0.25.5 has a vulnerability where a user could upload PHP files through image upload functions, which would allow them to execute code on the host system remotely. They would then have the permissions of the PHP process. This most impacts scenarios where…

  • CVE-2020-5217Jan 23, 2020
    risk 0.00cvss epss 0.02

    In Secure Headers (RubyGem secure_headers), a directive injection vulnerability is present in versions before 3.8.0, 5.1.0, and 6.2.0. If user-supplied input was passed into append/override_content_security_policy_directives, a semicolon could be injected leading to directive…