fkie_cve-2025-53836
Vulnerability from fkie_nvd
Published
2025-07-15 00:15
Modified
2025-07-15 20:15
Severity ?
Summary
XWiki Rendering is a generic rendering system that converts textual input in a given syntax (wiki syntax, HTML, etc) into another syntax (XHTML, etc). Starting in version 4.2-milestone-1 and prior to versions 13.10.11, 14.4.7, and 14.10, the default macro content parser doesn't preserve the restricted attribute of the transformation context when executing nested macros. This allows executing macros that are normally forbidden in restricted mode, in particular script macros. The cache and chart macros that are bundled in XWiki use the vulnerable feature. This has been patched in XWiki 13.10.11, 14.4.7 and 14.10. To avoid the exploitation of this bug, comments can be disabled for untrusted users until an upgrade to a patched version has been performed. Note that users with edit rights will still be able to add comments via the object editor even if comments have been disabled.
References
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "XWiki Rendering is a generic rendering system that converts textual input in a given syntax (wiki syntax, HTML, etc) into another syntax (XHTML, etc). Starting in version 4.2-milestone-1 and prior to versions 13.10.11, 14.4.7, and 14.10, the default macro content parser doesn\u0027t preserve the restricted attribute of the transformation context when executing nested macros. This allows executing macros that are normally forbidden in restricted mode, in particular script macros. The cache and chart macros that are bundled in XWiki use the vulnerable feature. This has been patched in XWiki 13.10.11, 14.4.7 and 14.10. To avoid the exploitation of this bug, comments can be disabled for untrusted users until an upgrade to a patched version has been performed. Note that users with edit rights will still be able to add comments via the object editor even if comments have been disabled."
},
{
"lang": "es",
"value": "XWiki Rendering es un sistema de renderizado gen\u00e9rico que convierte la entrada textual en una sintaxis dada (sintaxis wiki, HTML, etc.) en otra sintaxis (XHTML, etc.). A partir de la versi\u00f3n 4.2-milestone-1 y anteriores a las versiones 13.10.11, 14.4.7 y 14.10, el analizador de contenido de macros predeterminado no conserva el atributo restringido del contexto de transformaci\u00f3n al ejecutar macros anidadas. Esto permite ejecutar macros que normalmente est\u00e1n prohibidas en modo restringido, en particular las macros de script. Las macros de cach\u00e9 y gr\u00e1ficos incluidas en XWiki utilizan esta funci\u00f3n vulnerable. Esto se ha corregido en XWiki 13.10.11, 14.4.7 y 14.10. Para evitar que se aproveche este fallo, se pueden desactivar los comentarios para usuarios no confiables hasta que se actualice a una versi\u00f3n corregida. Tenga en cuenta que los usuarios con permisos de edici\u00f3n podr\u00e1n a\u00f1adir comentarios a trav\u00e9s del editor de objetos, incluso si los comentarios se han desactivado."
}
],
"id": "CVE-2025-53836",
"lastModified": "2025-07-15T20:15:50.840",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
},
"published": "2025-07-15T00:15:22.370",
"references": [
{
"source": "security-advisories@github.com",
"url": "https://github.com/xwiki/xwiki-rendering/commit/c73fa3ccd4ac59057e48e5d4325f659e78e8f86d"
},
{
"source": "security-advisories@github.com",
"url": "https://github.com/xwiki/xwiki-rendering/security/advisories/GHSA-32mf-57h2-64x9"
},
{
"source": "security-advisories@github.com",
"url": "https://jira.xwiki.org/browse/XRENDERING-689"
},
{
"source": "security-advisories@github.com",
"url": "https://jira.xwiki.org/browse/XWIKI-20375"
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"url": "https://github.com/xwiki/xwiki-rendering/security/advisories/GHSA-32mf-57h2-64x9"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Awaiting Analysis",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
},
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…