XWiki Blog Application Remote Code Execution Vulnerability
Vulnerability
A remote code execution vulnerability exists in the XWiki blog application for versions prior to 9.14. This issue allows any user with edit rights on a page to execute arbitrary code. Typically, this includes all logged-in users who can modify their user profiles. The vulnerability can be exploited by adding an object of type 'Blog.BlogPostClass' to any page and inserting a script macro containing the exploit code into the 'Content' field of that object.
Impact
Exploitation of this vulnerability allows for remote code execution on the server where XWiki is hosted.
Reproduction
To reproduce this vulnerability, log in as a user with edit rights on any page. Once logged in, navigate to the user profile and add an object of type 'Blog.BlogPostClass'. In the 'Content' field, insert a script macro with the desired exploit code, such as a Groovy script. After saving the post, the injected code will be executed, demonstrating the vulnerability.
Remediation
Users can update to XWiki Blog Application version 9.14 or later, where this vulnerability has been patched.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.