Vulnerability details: VCID-dnqk-983h-u3et
Vulnerability ID VCID-dnqk-983h-u3et
Aliases CVE-2022-31166
GHSA-g4h6-qp44-wqvx
Summary XWiki.WebHome vulnerable to Improper Privilege Management in XWiki resolving groups

### Impact
It is possible to exploit a bug in the XWikiRights resolution of groups to obtain privilege escalation. More specifically, editing a right with the object editor adds a supplementary empty value to the groups field, and that empty value is then resolved as a reference to the XWiki.WebHome page. Adding an XWikiGroup xobject to that page turns it into a group; any user placed in that group then obtains the privileges granted by the edited right. Note that this issue is normally mitigated by the fact that XWiki.WebHome (and the XWiki space in general) should be protected for edit rights by default.

### Patches
The problem has been patched in XWiki 13.10.4 and 14.2RC1: empty values in XWikiRights are no longer considered.

### Workarounds
Set appropriate rights on the XWiki.WebHome page to prevent users from editing it.

### References
* https://jira.xwiki.org/browse/XWIKI-18386
* https://jira.xwiki.org/browse/XWIKI-15776

### For more information
If you have any questions or comments about this advisory:
* Open an issue in [Jira XWiki.org](https://jira.xwiki.org)
* Email us at [Security Mailing List](mailto:security@xwiki.org)
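The mechanism described above has two observable preconditions in exported page data: a rights object whose groups field contains an empty entry (the object-editor artefact, which unpatched versions resolved to XWiki.WebHome), and an XWikiGroup xobject attached to XWiki.WebHome. The following Python is an added example, not code from the XWiki project or from this advisory. It models the unpatched versus patched group resolution and audits constructed sample page XML for both preconditions. The XML element names (`xwikidoc`, `web`, `name`, `object`, `className`, `number`, `property`) follow my understanding of XWiki's XAR page export format and are assumptions to check against a real export; XWiki.WebHome as the resolution target of an empty entry is taken from the advisory text.

```python
"""Audit exported XWiki pages for the two preconditions CVE-2022-31166 needs.

Added example, not XWiki project code. The XML shape used here (an <xwikidoc>
root with <web>/<name>, and <object> elements carrying <className> plus
<property><field>value</field></property> children) is my reading of XWiki's
XAR page export format; treat the field names as assumptions and check them
against a real export. The sample pages below are constructed for this example.
"""
import xml.etree.ElementTree as ET

RIGHTS_CLASSES = {"XWiki.XWikiRights", "XWiki.XWikiGlobalRights"}
GROUP_CLASS = "XWiki.XWikiGroup"
# Per the advisory, an empty group entry was resolved as a reference to this page.
EMPTY_ENTRY_TARGET = "XWiki.WebHome"

# Constructed sample export: a rights object with a trailing empty group entry
# (the object-editor artefact the advisory describes), a clean one, and
# XWiki.WebHome turned into a group by an attached XWikiGroup object.
SAMPLE_DOCS = [
    """<xwikidoc><web>Sandbox</web><name>WebPreferences</name>
  <object><className>XWiki.XWikiGlobalRights</className><number>0</number>
    <property><groups>XWiki.XWikiAdminGroup,</groups></property>
    <property><levels>admin</levels></property>
    <property><allow>1</allow></property>
    <property><users></users></property>
  </object></xwikidoc>""",
    """<xwikidoc><web>Main</web><name>WebHome</name>
  <object><className>XWiki.XWikiRights</className><number>0</number>
    <property><groups>XWiki.XWikiAllGroup</groups></property>
    <property><levels>view</levels></property>
    <property><allow>1</allow></property>
  </object></xwikidoc>""",
    """<xwikidoc><web>XWiki</web><name>WebHome</name>
  <object><className>XWiki.XWikiGroup</className><number>0</number>
    <property><member>XWiki.Mallory</member></property>
  </object></xwikidoc>""",
]


def resolve_groups(raw: str, patched: bool) -> list[str]:
    """Model XWikiRights group resolution on a comma-separated groups field.

    Unpatched (before 13.10.4 / 14.2RC1): every entry is resolved, and an
    empty entry becomes a reference to XWiki.WebHome. Patched: empty entries
    are dropped. A completely empty field means "no groups" in both modes
    (that case is my assumption, not something the advisory describes).
    """
    if not raw.strip():
        return []
    entries = [e.strip() for e in raw.split(",")]
    if patched:
        return [e for e in entries if e]
    return [e if e else EMPTY_ENTRY_TARGET for e in entries]


def parse_page(xml_text: str):
    """Return (document reference, [(className, number, {field: value})])."""
    root = ET.fromstring(xml_text)
    doc_ref = f"{root.findtext('web')}.{root.findtext('name')}"
    objects = []
    for obj in root.findall("object"):
        fields = {}
        for prop in obj.findall("property"):
            for field in prop:  # each <property> wraps one <fieldName> element
                fields[field.tag] = (field.text or "").strip()
        objects.append((obj.findtext("className"), int(obj.findtext("number", "0")), fields))
    return doc_ref, objects


def audit(docs: list[str]) -> dict:
    """Flag rights objects with empty group entries and an XWiki.WebHome group."""
    findings = {"empty_group_entries": [], "webhome_is_group": False, "webhome_members": []}
    for xml_text in docs:
        doc_ref, objects = parse_page(xml_text)
        for class_name, number, fields in objects:
            if class_name in RIGHTS_CLASSES:
                raw = fields.get("groups", "")
                # A trailing or doubled comma yields an empty entry: the bug's trigger.
                if raw and "" in [e.strip() for e in raw.split(",")]:
                    findings["empty_group_entries"].append({
                        "page": doc_ref,
                        "object": number,
                        "levels": fields.get("levels", ""),
                        "allow": fields.get("allow", ""),
                        "effective_groups_unpatched": resolve_groups(raw, patched=False),
                    })
            elif class_name == GROUP_CLASS and doc_ref == EMPTY_ENTRY_TARGET:
                findings["webhome_is_group"] = True
                findings["webhome_members"].append(fields.get("member", ""))
    return findings


if __name__ == "__main__":
    result = audit(SAMPLE_DOCS)
    for hit in result["empty_group_entries"]:
        print(f"[rights] {hit['page']} object {hit['object']}: levels={hit['levels']} "
              f"allow={hit['allow']} resolves unpatched to {hit['effective_groups_unpatched']}")
    if result["webhome_is_group"]:
        print(f"[group] {EMPTY_ENTRY_TARGET} carries an XWikiGroup object, "
              f"members={result['webhome_members']}")
```

Either finding on its own is worth fixing on an unpatched instance: an empty entry silently extends a right to whoever can turn XWiki.WebHome into a group, and an XWikiGroup object on XWiki.WebHome is the sign that someone already has. Run the audit over a full XAR export of the wiki rather than a handful of pages, since rights objects live on WebPreferences pages throughout the space hierarchy.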
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Weaknesses (3)
System Score Found at
epss 0.01997 https://api.first.org/data/v1/epss?cve=CVE-2022-31166
cvssv3.1_qr HIGH https://github.com/advisories/GHSA-g4h6-qp44-wqvx
cvssv3.1 8.1 https://github.com/xwiki/xwiki-platform
generic_textual HIGH https://github.com/xwiki/xwiki-platform
cvssv3.1 8.1 https://github.com/xwiki/xwiki-platform/pull/1800
generic_textual HIGH https://github.com/xwiki/xwiki-platform/pull/1800
ssvc Track* https://github.com/xwiki/xwiki-platform/pull/1800
cvssv3.1 8.1 https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-g4h6-qp44-wqvx
cvssv3.1_qr HIGH https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-g4h6-qp44-wqvx
generic_textual HIGH https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-g4h6-qp44-wqvx
ssvc Track* https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-g4h6-qp44-wqvx
cvssv3.1 8.1 https://jira.xwiki.org/browse/XWIKI-15776
generic_textual HIGH https://jira.xwiki.org/browse/XWIKI-15776
ssvc Track* https://jira.xwiki.org/browse/XWIKI-15776
cvssv3.1 8.1 https://jira.xwiki.org/browse/XWIKI-18386
generic_textual HIGH https://jira.xwiki.org/browse/XWIKI-18386
ssvc Track* https://jira.xwiki.org/browse/XWIKI-18386
cvssv3.1 8.1 https://nvd.nist.gov/vuln/detail/CVE-2022-31166
generic_textual HIGH https://nvd.nist.gov/vuln/detail/CVE-2022-31166
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N Found at https://github.com/xwiki/xwiki-platform
Attack Vector (AV): network | Attack Complexity (AC): low | Privileges Required (PR): low | User Interaction (UI): none | Scope (S): unchanged | Confidentiality Impact (C): high | Integrity Impact (I): high | Availability Impact (A): none
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N Found at https://github.com/xwiki/xwiki-platform/pull/1800 (same vector as above)
Vector: SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-22T15:42:19Z/ Found at https://github.com/xwiki/xwiki-platform/pull/1800
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N Found at https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-g4h6-qp44-wqvx (same vector as above)
Vector: SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-22T15:42:19Z/ Found at https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-g4h6-qp44-wqvx
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N Found at https://jira.xwiki.org/browse/XWIKI-15776 (same vector as above)
Vector: SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-22T15:42:19Z/ Found at https://jira.xwiki.org/browse/XWIKI-15776
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N Found at https://jira.xwiki.org/browse/XWIKI-18386 (same vector as above)
Vector: SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-22T15:42:19Z/ Found at https://jira.xwiki.org/browse/XWIKI-18386
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2022-31166 (same vector as above)
Exploit Prediction Scoring System (EPSS)
Percentile 0.83592
EPSS Score 0.01997
Published At April 2, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T13:05:32.395287+00:00 GithubOSV Importer Import https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/09/GHSA-g4h6-qp44-wqvx/GHSA-g4h6-qp44-wqvx.json 38.0.0