CVE-2006-7223

Current Description

PreviewAction in XWiki 0.9.543 through 0.9.1252 does not set the Author field to the identity of the user who last modified a document, which allows remote authenticated users without programming rights to execute arbitrary code by selecting a document whose author has programming rights, modifying this document to contain a script, and previewing without saving the document.
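The description above boils down to a privilege-confusion bug in how script rights are resolved: a script embedded in a document runs with the rights of the document's recorded author, and the preview path rendered user-submitted content on a draft that still carried the stored author instead of the submitting user. The following Python model is an added illustration and is not XWiki source or anything taken from the referenced JIRA issue; the names User, Document, render, preview_vulnerable, preview_fixed, save_and_view and the {script} marker are constructed for the model and are not XWiki identifiers. It contrasts the vulnerable preview with a hardened one, and with the save path, which already attributed the change to the saver and was therefore not affected.

```python
"""
Toy model of the authorization flaw behind CVE-2006-7223 (constructed example,
not XWiki source). As in the CVE description, a script embedded in a document
executes with the rights of the document's author field, not of the user who
submitted or is viewing the content. The fix is to stamp the previewing user
onto the draft before rendering it, exactly as saving does.
"""
from dataclasses import dataclass, replace
from typing import Callable, Optional

SCRIPT_TAG = "{script}"   # hypothetical marker standing in for a script macro


@dataclass(frozen=True)
class User:
    name: str
    programming_rights: bool


@dataclass(frozen=True)
class Document:
    name: str
    author: User      # identity whose rights govern script execution
    content: str


@dataclass(frozen=True)
class RenderResult:
    output: str
    script_ran_as: Optional[str]   # name whose rights the script used, or None


class ScriptNotAllowed(PermissionError):
    """Raised when a document with a script has an author lacking programming rights."""


def render(doc: Document) -> RenderResult:
    """Render a document; a script block runs only if doc.author has programming rights."""
    if SCRIPT_TAG not in doc.content:
        return RenderResult(doc.content, None)
    if not doc.author.programming_rights:
        raise ScriptNotAllowed(f"{doc.author.name} lacks programming rights")
    return RenderResult(
        f"[script executed with {doc.author.name}'s rights]", doc.author.name)


def save_and_view(stored: Document, actor: User, new_content: str) -> RenderResult:
    """Save path: the stored document is updated and its author becomes the saver."""
    saved = replace(stored, content=new_content, author=actor)
    return render(saved)


def preview_vulnerable(stored: Document, actor: User, new_content: str) -> RenderResult:
    """Preview as described in the CVE: the submitted content is rendered on a
    draft that still carries the stored document's author, so the actor's
    script inherits that author's programming rights."""
    draft = replace(stored, content=new_content)   # author left unchanged: the bug
    return render(draft)


def preview_fixed(stored: Document, actor: User, new_content: str) -> RenderResult:
    """Hardened preview: the draft is attributed to the actor before rendering."""
    draft = replace(stored, content=new_content, author=actor)
    return render(draft)


Action = Callable[[Document, User, str], RenderResult]


def attacker_script_runs_as(action: Action) -> Optional[str]:
    """A user without programming rights submits a script against a page whose
    stored author has them. Return the identity whose rights the script used,
    or None if the action refused to execute it."""
    admin = User("admin", programming_rights=True)
    mallory = User("mallory", programming_rights=False)
    stored = Document("Main.WebHome", author=admin, content="Welcome")  # constructed
    try:
        return action(stored, mallory, SCRIPT_TAG + " ... {/script}").script_ran_as
    except ScriptNotAllowed:
        return None


def legitimate_script_runs_as(action: Action) -> Optional[str]:
    """Control case: a user who does hold programming rights previews a script."""
    admin = User("admin", programming_rights=True)
    stored = Document("Main.WebHome", author=admin, content="Welcome")  # constructed
    return action(stored, admin, SCRIPT_TAG + " ... {/script}").script_ran_as


if __name__ == "__main__":
    for name, action in [("preview_vulnerable", preview_vulnerable),
                         ("preview_fixed", preview_fixed),
                         ("save_and_view", save_and_view)]:
        print(f"{name:18s} attacker's script ran as: {attacker_script_runs_as(action)}")
```

Running the module shows the attacker's script executing with the admin author's rights only through preview_vulnerable; both preview_fixed and save_and_view refuse it because the draft is attributed to the actor before the rights check, while an author who genuinely holds programming rights is unaffected by the fix.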

Basic Data

Published: September 14, 2007
Last Modified: September 05, 2008
Assigner: cve@mitre.org
Data Type: CVE
Data Format: MITRE
Data Version: 4.0
Problem Type: CWE-264
CVE Data Version: 4.0

Base Metric V2

CVSS 2 - Version: 2.0
CVSS 2 - Vector String: AV:N/AC:L/Au:S/C:P/I:P/A:P
CVSS 2 - Access Vector: NETWORK
CVSS 2 - Access Complexity: LOW
CVSS 2 - Authentication: SINGLE
CVSS 2 - Confidentiality Impact: PARTIAL
CVSS 2 - Integrity Impact: PARTIAL
CVSS 2 - Availability Impact: PARTIAL
CVSS 2 - Base Score: 6.5
Severity: MEDIUM
Exploitability Score: 8.0
Impact Score: 6.4
Obtain All Privilege: false
Obtain User Privilege: true
Obtain Other Privilege: false

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe Version | Part        | Vendor | Product | Version  | Update | Edition | Language | SW Edition | Target SW | Target HW | Other
    2.3         | Application | Xwiki  | Xwiki   | 0.9.543  | *      | *       | *        | *          | *         | *         | *
    2.3         | Application | Xwiki  | Xwiki   | 0.9.790  | *      | *       | *        | *          | *         | *         | *
    2.3         | Application | Xwiki  | Xwiki   | 0.9.793  | *      | *       | *        | *          | *         | *         | *
    2.3         | Application | Xwiki  | Xwiki   | 0.9.840  | *      | *       | *        | *          | *         | *         | *
    2.3         | Application | Xwiki  | Xwiki   | 0.9.1252 | *      | *       | *        | *          | *         | *         | *
    (The Version Start Including, Version End Including, Version Start Excluding and Version End Excluding columns are empty for every row; each entry matches one exact version.)

Vulnerable Software List

Vendor | Product | Versions
Xwiki  | Xwiki   | 0.9.543, 0.9.790, 0.9.793, 0.9.840, 0.9.1252

References

Name: http://jira.xwiki.org/jira/browse/XWIKI-366
Source: (none given)
URL: http://jira.xwiki.org/jira/browse/XWIKI-366
Tags: CONFIRM