{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47447?format=json","vulnerability_id":"VCID-rpvk-g9y1-yucv","summary":"XWiki Platform remote code execution from account via custom skins support\nAny user who can edit any page like their profile can create a custom skin with a template override that is executed with programming right, thus allowing remote code execution.\n\nTo reproduce, as a user without edit, script or admin right, add an object of class `XWiki.XWikiSkins` to your profile. Name it whatever you want and set the Base Skin to `flamingo`.\nAdd an object of class `XWikiSkinFileOverrideClass` and set the path to `macros.vm` and the content to:\n```","aliases":[{"alias":"CVE-2024-31987"},{"alias":"GHSA-cv55-v6rw-7r5v"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/69694?format=json","purl":"pkg:maven/org.xwiki.platform/xwiki-platform-oldcore@14.10.19","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.xwiki.platform/xwiki-platform-oldcore@14.10.19"},{"url":"http://public2.vulnerablecode.io/api/packages/69695?format=json","purl":"pkg:maven/org.xwiki.platform/xwiki-platform-oldcore@15.5.4","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.xwiki.platform/xwiki-platform-oldcore@15.5.4"},{"url":"http://public2.vulnerablecode.io/api/packages/69712?format=json","purl":"pkg:maven/org.xwiki.platform/xwiki-platform-oldcore@15.10-rc-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.xwiki.platform/xwiki-platform-oldcore@15.10-rc-1"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/69726?format=json","purl":"pkg:maven/org.xwiki.platform/xwiki-platform-oldcore@6.4-milestone-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-rpvk-g9y1-yucv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.xwiki.platform/xwiki-platform-oldcore@6.4-milestone-1"},{"url":"http://public2.vulnerablecode.io/api/packages/65815?format=json","purl":"pkg:maven/org.xwiki.platform/xwiki-platform-oldcore@15.0-rc-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1x2u-ggpt-q7br"},{"vulnerability":"VCID-3gjp-eske-eqgk"},{"vulnerability":"VCID-9649-wpan-ykaq"},{"vulnerability":"VCID-by7h-2wyg-jqfy"},{"vulnerability":"VCID-rmg4-3gqx-duc6"},{"vulnerability":"VCID-rpvk-g9y1-yucv"},{"vulnerability":"VCID-xevu-xntb-vufs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.xwiki.platform/xwiki-platform-oldcore@15.0-rc-1"},{"url":"http://public2.vulnerablecode.io/api/packages/69693?format=json","purl":"pkg:maven/org.xwiki.platform/xwiki-platform-oldcore@15.6-rc-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9649-wpan-ykaq"},{"vulnerability":"VCID-rpvk-g9y1-yucv"},{"vulnerability":"VCID-xevu-xntb-vufs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.xwiki.platform/xwiki-platform-oldcore@15.6-rc-1"}],"references":[{"reference_url":"https://github.com/xwiki/xwiki-platform","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/xwiki/xwiki-platform"},{"reference_url":"https://github.com/xwiki/xwiki-platform/commit/3d4dbb41f52d1a6e39835cfb1695ca6668605a39","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/xwiki/xwiki-platform/commit/3d4dbb41f52d1a6e39835cfb1695ca6668605a39"},{"reference_url":"https://github.com/xwiki/xwiki-platform/commit/626d2a5dbf95b4e719ae13bf1a0a9c76e4edd5a2","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/xwiki/xwiki-platform/commit/626d2a5dbf95b4e719ae13bf1a0a9c76e4edd5a2"},{"reference_url":"https://github.com/xwiki/xwiki-platform/commit/da177c3c972e797d92c1a31e278f946012c41b56","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/xwiki/xwiki-platform/commit/da177c3c972e797d92c1a31e278f946012c41b56"},{"reference_url":"https://jira.xwiki.org/browse/XWIKI-21478","reference_id":"","reference_type":"","scores":[],"url":"https://jira.xwiki.org/browse/XWIKI-21478"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-31987","reference_id":"CVE-2024-31987","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-31987"},{"reference_url":"https://github.com/advisories/GHSA-cv55-v6rw-7r5v","reference_id":"GHSA-cv55-v6rw-7r5v","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-cv55-v6rw-7r5v"},{"reference_url":"https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-cv55-v6rw-7r5v","reference_id":"GHSA-cv55-v6rw-7r5v","reference_type":"","scores":[],"url":"https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-cv55-v6rw-7r5v"}],"weaknesses":[{"cwe_id":862,"name":"Missing Authorization","description":"The product does not perform an authorization check when an actor attempts to access a resource or perform an action."},{"cwe_id":937,"name":"OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013."},{"cwe_id":1035,"name":"OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017."}],"exploits":[],"severity_range_score":null,"exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rpvk-g9y1-yucv"}