Login Sign Up

CVE-2023-29507

9.1 CRITICAL
Authentication Bypass

📋 TL;DR

This vulnerability in XWiki Commons allows attackers to manipulate document authorship through the Document script API, bypassing access controls. This can lead to privilege escalation and unauthorized script execution. Affects XWiki installations using vulnerable versions of XWiki Commons libraries.

💻 Affected Systems

Products:
  • XWiki Commons
  • XWiki Platform
Versions: All versions before 14.10 and 14.4.7
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Affects any XWiki installation using the vulnerable Document script API. XWiki Commons is a dependency for multiple XWiki projects.

📦 What is this software?

Xwiki by Xwiki

View all CVEs affecting Xwiki →

Xwiki by Xwiki

View all CVEs affecting Xwiki →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system compromise through privilege escalation to administrative rights, allowing data theft, modification, or destruction.

🟠

Likely Case

Unauthorized access to sensitive documents, privilege escalation to edit protected content, or execution of malicious scripts.

🟢

If Mitigated

Limited impact if proper network segmentation and least privilege principles are enforced, though local privilege escalation may still occur.

🌐 Internet-Facing: HIGH
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires authenticated access to execute scripts, but once authenticated, the vulnerability is straightforward to exploit.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: XWiki 14.10 or 14.4.7

Vendor Advisory: https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-pwfv-3cvg-9m4c

Restart Required: Yes

Instructions:

1. Backup your XWiki installation. 2. Upgrade to XWiki 14.10 or 14.4.7. 3. Restart the XWiki application server. 4. Verify the patch is applied by checking the version.

🔧 Temporary Workarounds

Restrict Script Execution

all

Limit script execution permissions to trusted users only through XWiki's rights management.

🧯 If You Can't Patch

  • Implement strict access controls to limit who can execute scripts in XWiki.
  • Monitor and audit all script execution activities for suspicious behavior.

🔍 How to Verify

Check if Vulnerable:

Check XWiki version via Admin interface or by examining the installation directory. If version is below 14.10 and not 14.4.7, it's vulnerable.

Check Version:

Check XWiki Admin dashboard or examine xwiki-version.txt in installation directory.

Verify Fix Applied:

After patching, verify the version is 14.10 or 14.4.7 and test that document authorship cannot be manipulated via script API.

📡 Detection & Monitoring

Log Indicators:

  • Unusual document authorship changes
  • Script execution by unexpected users
  • Access control violation logs

Network Indicators:

  • Unusual API calls to document script endpoints

SIEM Query:

source="xwiki.log" AND ("DocumentAuthors" OR "script API" OR "access denied")

📊 Metadata

CVE ID: CVE-2023-29507
CVSS v3 Score: 9.1 (CRITICAL)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
CWE: CWE-648
Published: April 16, 2023
Last Updated: February 6, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-29507, you might also want to check these:

CVE-2022-2023 9.8

This vulnerability involves incorrect use of privileged APIs in the trudesk help desk software, allo...

Same vulnerability type (CWE-648)
CVE-2023-4972 9.8

This vulnerability in Yepas Digital Yepas involves incorrect use of privileged APIs, allowing attack...

Same vulnerability type (CWE-648)
CVE-2024-11068 9.8

CVE-2024-11068 is a critical vulnerability in D-Link DSL6740C modems that allows unauthenticated rem...

Same vulnerability type (CWE-648)