CVE-2023-29510

9.9 CRITICAL

📋 TL;DR

Any user who can edit at least one document (by default every logged-in user, since users may edit their own profile page) can create a user-scoped translation whose values contain wiki syntax, including script macros, and have that syntax evaluated in a privileged rendering context, leading to remote code execution on the XWiki server. Script right is not required to plant the payload; the flaw is that user-provided translations were rendered without the author's rights being checked.

💻 Affected Systems

Products:
  • XWiki Platform
Versions: All versions before 14.10.2; fixed in 14.10.2 (14.x line) and 15.0 RC1 (15.x line)
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: The default configuration lets every user edit their own profile page, so every installation with at least one non-admin account is exposed unless edit right has been explicitly withdrawn from regular users. Restricting script right alone does not help, because the attack does not require it.

📦 What is this software?

XWiki Platform is an open-source, Java-based wiki engine. Pages can embed scripting macros (Velocity, Groovy, Python and others) whose execution is gated by per-user script and programming rights, and the platform's localization layer lets ordinary wiki documents act as translation bundles that are rendered inside other pages.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Full system compromise with attacker gaining complete control over the XWiki server, potentially leading to data theft, lateral movement, or deployment of ransomware.

🟠

Likely Case

Authenticated users exploiting the vulnerability to execute arbitrary code, potentially compromising sensitive data or disrupting services.

🟢

If Mitigated

After patching, user-scoped translations are only honoured when their author holds script right, so the remaining exposure is limited to users who already have script privileges; tightening edit rights (see below) further reduces who can create such translations at all.

🌐 Internet-Facing: HIGH
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires authenticated user with edit access to at least one document. The vulnerability is well-documented in the advisory with technical details.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 14.10.2 or 15.0 RC1 and later

Vendor Advisory: https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-4v38-964c-xjmw

Restart Required: Yes

Instructions:

1. Back up the XWiki installation, its permanent directory and the database.
2. Download XWiki 14.10.2 (14.x line) or 15.0 RC1 or later from official sources.
3. Stop the XWiki service.
4. Deploy the patched WAR in place of the old one; keep the permanent directory and database, they are not replaced.
5. Start the XWiki service and complete the Distribution Wizard if it prompts to upgrade bundled extensions.
6. Verify that the running version is the patched one (Administration → About XWiki).

🧯 If You Can't Patch

  • Restrict edit right for regular users: the attack needs edit access to at least one document, so removing edit right from everyone who does not need it shrinks the attacker population. Restricting script right alone is not sufficient, since user-scoped translations were evaluated without requiring it from the translation's author.
  • Disable user profile editing for all users through access controls; this closes the default vector, but any other editable document still suffices for an attacker.

🔍 How to Verify

Check if Vulnerable:

Check the XWiki version via Administration → About XWiki. Any version below 14.10.2 is vulnerable; on the 15.x line, anything from 15.0 RC1 onward is fixed.

Check Version:

Check the XWiki web interface at Administration → About XWiki, or read the version= entry in WEB-INF/version.properties inside the deployed webapp.

Verify Fix Applied:

Verify the version is 14.10.2 or later, or 15.0 RC1 or later. Then confirm the behavioural fix: as a regular user without script right, add a user-scoped translation whose value contains a macro such as {{velocity}}, and check that the translation is not applied or is rendered as plain text rather than executed.
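As an added example (my code, not from this page or from XWiki), the version check above in Python: it encodes the fix boundaries listed here, orders XWiki pre-release tags (milestone before rc before final), and reads the version from a WEB-INF/version.properties body. The properties text is a constructed sample, and treating a 15.0 build older than RC1 as affected is an assumption drawn from the stated fix versions.

```python
import re

# Fix boundaries stated on this page: the 14.x line is fixed from 14.10.2,
# the 15.x line from 15.0 RC1.
FIXED_14 = "14.10.2"
FIXED_15 = "15.0-rc-1"

# XWiki version strings look like "14.10.2", "14.10", "15.0-rc-1" or
# "14.0-milestone-2". Pre-release stages sort milestone < rc < final.
_VERSION_RE = re.compile(
    r"^(\d+)\.(\d+)(?:\.(\d+))?(?:-(milestone|rc)-(\d+))?$", re.IGNORECASE
)
_STAGE_RANK = {"milestone": 0, "rc": 1, None: 2}


def parse_version(version):
    """Turn an XWiki version string into a sortable tuple."""
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised XWiki version string: {version!r}")
    major, minor, patch, stage, stage_num = m.groups()
    stage = stage.lower() if stage else None
    return (int(major), int(minor), int(patch or 0),
            _STAGE_RANK[stage], int(stage_num or 0))


def is_vulnerable(version):
    """True if the version falls in the affected range for CVE-2023-29510."""
    key = parse_version(version)
    if key < parse_version(FIXED_14):
        return True  # older than 14.10.2 on any branch
    # Assumption: a 15.0 build before RC1 is treated as unfixed.
    if key[:2] == (15, 0) and key < parse_version(FIXED_15):
        return True
    return False


def version_from_properties(text):
    """Extract the version= entry from a WEB-INF/version.properties body."""
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        k, v = line.split("=", 1)
        if k.strip() == "version":
            return v.strip()
    raise ValueError("no version= entry found")


# Constructed sample of a version.properties body (not a real file).
SAMPLE_PROPERTIES = """\
# XWiki build information (constructed sample)
version=14.10.1
"""

if __name__ == "__main__":
    v = version_from_properties(SAMPLE_PROPERTIES)
    print(f"{v}: {'VULNERABLE' if is_vulnerable(v) else 'fixed'}")
```

Run it against the real file from the deployed webapp by replacing SAMPLE_PROPERTIES with its contents; the comparison is purely on the version string, so it does not tell you whether a backported or vendor-patched build is in place.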

📡 Detection & Monitoring

Log Indicators:

  • Creation or modification of translation bundle documents (documents carrying an XWiki.TranslationDocumentClass object) by regular users, especially with scope set to USER
  • Script macro execution errors in the rendering log: a failed injected payload leaves an error such as a failed groovy, python or velocity macro, while a successful one usually leaves no trace
  • Translation values containing wiki macro syntax ({{...}}), which legitimate translations rarely need

Network Indicators:

  • Unusual outbound connections from XWiki server following user translation activities

SIEM Query:

source="xwiki.log" AND "macro" AND ("groovy" OR "python" OR "velocity") AND ("error" OR "failed")

This only surfaces payloads that failed to execute; a working payload does not log. Pair it with an audit of stored translation content (see below) and with the wiki's activity stream for translation document edits.
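Because a successful payload leaves nothing in the log, the more reliable check is to audit the content of translation bundle documents themselves, which XWiki stores in Java properties format. The following is an added example (my code, not the project's): it parses a bundle and flags every translation value that embeds a wiki macro, rating server-side script macros as high severity. The bundle text is a constructed sample, and the macro name list is an assumption covering XWiki's standard script macros.

```python
import re

# Macros that execute code server-side; an injected translation carrying one
# of these is the attack described on this page. Assumed list.
SCRIPT_MACROS = {"groovy", "python", "velocity", "script", "ruby", "php"}

# XWiki 2.x wiki syntax opens a macro as {{name param="..."}}; closing tags
# ({{/name}}) are deliberately not matched.
_MACRO_RE = re.compile(r"\{\{\s*([A-Za-z0-9_]+)")


def parse_properties(text):
    """Minimal Java-properties reader for translation bundle content.

    Handles '#'/'!' comment lines, 'key=value', 'key:value' and 'key value',
    and trailing-backslash line continuation. Escape sequences are kept as-is.
    """
    entries = {}
    pending = []  # pieces of a logical line spanning several physical lines
    for raw in text.splitlines():
        line = raw.lstrip()
        if not pending and (not line or line[0] in "#!"):
            continue
        if line.endswith("\\") and not line.endswith("\\\\"):
            pending.append(line[:-1])
            continue
        pending.append(line)
        full = "".join(pending)
        pending = []
        m = re.match(r"([^=:\s]+)\s*[=:\s]\s*(.*)", full)
        if m:
            entries[m.group(1)] = m.group(2)
    return entries


def audit_translations(content):
    """Return one finding per macro found inside a translation value."""
    findings = []
    for key, value in parse_properties(content).items():
        for macro in _MACRO_RE.findall(value):
            name = macro.lower()
            severity = "high" if name in SCRIPT_MACROS else "medium"
            findings.append({"key": key, "macro": name, "severity": severity})
    return findings


# Constructed sample of a translation bundle document's content; not taken
# from any real wiki. The last two entries are what an attacker would plant.
SAMPLE_BUNDLE = """\
# greetings (constructed sample)
greeting.hello=Hello, {0}!
greeting.long=A value that \\
    continues here
nav.home={{velocity}}$services.localization.render('home'){{/velocity}}
evil.rce={{groovy}}println "id".execute().text{{/groovy}}
"""

if __name__ == "__main__":
    for f in audit_translations(SAMPLE_BUNDLE):
        print(f"{f['severity'].upper():6} {f['key']}: {{{{{f['macro']}}}}} macro")
```

Feed it the content of every document that carries a translation object (exported, or fetched through the REST API) and review each finding together with the document's author and scope: a USER-scoped bundle whose author lacks script right and whose values contain a script macro is exactly the condition this CVE exploits.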

🔗 References

  • Vendor advisory: https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-4v38-964c-xjmw
  • NVD entry: https://nvd.nist.gov/vuln/detail/CVE-2023-29510