XWiki Platform Old Core is a core package for XWiki Platform, a generic wiki platform. Prior to versions 14.2 and 13.10.4, all rights checks that would normally prevent a user from viewing a document on a wiki can be bypassed by using the login action together with directly specified templates. This exposes the title, content and comments of any document, as well as the properties of objects, although the class and property names must be known. This is also exploitable on private wikis. The issue has been patched in versions 14.2 and 13.10.4 by properly checking view rights before loading documents and by disallowing non-default templates in the login, registration and skin actions. As a workaround, all templates can be protected individually by adding code that checks access rights first.
{
"cwe_ids": [
"CWE-287"
],
"cna_assigner": "GitHub_M",
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/36xxx/CVE-2022-36092.json"
}[
{
"source": "https://github.com/xwiki/xwiki-platform/commit/71a6d0bb6f8ab718fcfaae0e9b8c16c2d69cd4bb",
"signature_type": "Function",
"target": {
"function": "render",
"file": "xwiki-platform-core/xwiki-platform-oldcore/src/main/java/com/xpn/xwiki/web/LoginErrorAction.java"
},
"id": "CVE-2022-36092-2125d9f0",
"deprecated": false,
"signature_version": "v1",
"digest": {
"length": 73.0,
"function_hash": "290951439554817580629288229862984976915"
}
},
{
"source": "https://github.com/xwiki/xwiki-platform/commit/71a6d0bb6f8ab718fcfaae0e9b8c16c2d69cd4bb",
"signature_type": "Function",
"target": {
"function": "render",
"file": "xwiki-platform-core/xwiki-platform-oldcore/src/main/java/com/xpn/xwiki/web/SkinAction.java"
},
"id": "CVE-2022-36092-46ebf23c",
"deprecated": false,
"signature_version": "v1",
"digest": {
"length": 227.0,
"function_hash": "12620936998958339819645522159285315930"
}
},
{
"source": "https://github.com/xwiki/xwiki-platform/commit/71a6d0bb6f8ab718fcfaae0e9b8c16c2d69cd4bb",
"signature_type": "Function",
"target": {
"function": "render",
"file": "xwiki-platform-core/xwiki-platform-oldcore/src/main/java/com/xpn/xwiki/web/LoginAction.java"
},
"id": "CVE-2022-36092-53e05d0b",
"deprecated": false,
"signature_version": "v1",
"digest": {
"length": 195.0,
"function_hash": "92936970513355401189768925734204185328"
}
},
{
"source": "https://github.com/xwiki/xwiki-platform/commit/71a6d0bb6f8ab718fcfaae0e9b8c16c2d69cd4bb",
"signature_type": "Line",
"target": {
"file": "xwiki-platform-core/xwiki-platform-oldcore/src/main/java/com/xpn/xwiki/web/RegisterAction.java"
},
"id": "CVE-2022-36092-6413dd66",
"deprecated": false,
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"129741798568835193545519230161513052116",
"248441858526514497857581308984228593642",
"289836569577659662753945271606289797530"
]
}
},
{
"source": "https://github.com/xwiki/xwiki-platform/commit/71a6d0bb6f8ab718fcfaae0e9b8c16c2d69cd4bb",
"signature_type": "Line",
"target": {
"file": "xwiki-platform-core/xwiki-platform-oldcore/src/main/java/com/xpn/xwiki/XWiki.java"
},
"id": "CVE-2022-36092-79597ce0",
"deprecated": false,
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"228722021646907852147601064371816417166",
"309893147895295623006678677505914088948",
"296949392936102305018749420429708858673",
"79779056127460637435062281877392531978",
"159118855138867057820020552109526880545",
"96229704121027180594531059620055387703",
"258778771745396362684712780689570946208",
"321927589465859195389820267425105146941",
"152144373543547686191492535433211320740",
"35838872189371855404255005145611518390",
"4052869112836908288621775348375378334",
"198671997787842484133686533449592832776",
"302801264038260864224859171562219418372",
"3965168309518567409961215106832879383",
"212384403258689564736687815310058263049",
"15799800441770470322558449160171332280",
"141090657238910517911352431810003301380",
"64647879369216900541248089782184566778",
"87544493954714933080708187203969350359",
"163425526095659632715769973333750256818",
"35788842022087045123609167469769150123",
"14660042912638954110072286275525639622"
]
}
},
{
"source": "https://github.com/xwiki/xwiki-platform/commit/71a6d0bb6f8ab718fcfaae0e9b8c16c2d69cd4bb",
"signature_type": "Line",
"target": {
"file": "xwiki-platform-core/xwiki-platform-oldcore/src/main/java/com/xpn/xwiki/web/LoginErrorAction.java"
},
"id": "CVE-2022-36092-7f83223e",
"deprecated": false,
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"205102867196807242750029202956339919662",
"185838120143568738867783751224042034062",
"247560934255644735119601249642627499757",
"196964425332799933792019260519525495234",
"289940823145706513894867888268227353968",
"335120901962831214955874712757936282497",
"303469427591486454762439135435334774358"
]
}
},
{
"source": "https://github.com/xwiki/xwiki-platform/commit/71a6d0bb6f8ab718fcfaae0e9b8c16c2d69cd4bb",
"signature_type": "Function",
"target": {
"function": "action",
"file": "xwiki-platform-core/xwiki-platform-oldcore/src/main/java/com/xpn/xwiki/web/RegisterAction.java"
},
"id": "CVE-2022-36092-93521f8f",
"deprecated": false,
"signature_version": "v1",
"digest": {
"length": 787.0,
"function_hash": "169314351788692781451429070747690618935"
}
},
{
"source": "https://github.com/xwiki/xwiki-platform/commit/71a6d0bb6f8ab718fcfaae0e9b8c16c2d69cd4bb",
"signature_type": "Function",
"target": {
"function": "render",
"file": "xwiki-platform-core/xwiki-platform-oldcore/src/main/java/com/xpn/xwiki/web/SkinAction.java"
},
"id": "CVE-2022-36092-952f142d",
"deprecated": false,
"signature_version": "v1",
"digest": {
"length": 1437.0,
"function_hash": "76866126606115470955963545866846705145"
}
},
{
"source": "https://github.com/xwiki/xwiki-platform/commit/71a6d0bb6f8ab718fcfaae0e9b8c16c2d69cd4bb",
"signature_type": "Line",
"target": {
"file": "xwiki-platform-core/xwiki-platform-oldcore/src/main/java/com/xpn/xwiki/web/SkinAction.java"
},
"id": "CVE-2022-36092-af3cb26c",
"deprecated": false,
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"46124437662527452649691640037286549559",
"154753768410379500217920907306906565625",
"19804179982290288445347343110841940335",
"1026720116172649524953639793169595414",
"25291363707261908575500781484274799223",
"120913902133190361057581455359581393459",
"47456674116260542673095577421937899361",
"48701598696584742782219278464301757100",
"109056058933282594909472878419319127715",
"281523694881093520070833364555892981870",
"282195552530682514852257061878044123729",
"260394261645276105957753980367153488841",
"321786245635659677300815405538519920082",
"327427202600406253588452603017173724842",
"330470461897248301351101071645955343363"
]
}
},
{
"source": "https://github.com/xwiki/xwiki-platform/commit/71a6d0bb6f8ab718fcfaae0e9b8c16c2d69cd4bb",
"signature_type": "Function",
"target": {
"function": "prepareDocuments",
"file": "xwiki-platform-core/xwiki-platform-oldcore/src/main/java/com/xpn/xwiki/XWiki.java"
},
"id": "CVE-2022-36092-b0f58eb6",
"deprecated": false,
"signature_version": "v1",
"digest": {
"length": 3672.0,
"function_hash": "234721490795059091220789009001135400855"
}
},
{
"source": "https://github.com/xwiki/xwiki-platform/commit/71a6d0bb6f8ab718fcfaae0e9b8c16c2d69cd4bb",
"signature_type": "Line",
"target": {
"file": "xwiki-platform-core/xwiki-platform-oldcore/src/main/java/com/xpn/xwiki/web/LoginSubmitAction.java"
},
"id": "CVE-2022-36092-b218b70b",
"deprecated": false,
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"233332251243304210654386443201254986869",
"310654350099606346379510137511927665639",
"64629888236980799467021377344515030503",
"196964425332799933792019260519525495234",
"98944944143130069284698966093920129334",
"31708310454332351377900339045350273580",
"216784920352055109888462277686677890082"
]
}
},
{
"source": "https://github.com/xwiki/xwiki-platform/commit/71a6d0bb6f8ab718fcfaae0e9b8c16c2d69cd4bb",
"signature_type": "Line",
"target": {
"file": "xwiki-platform-core/xwiki-platform-oldcore/src/main/java/com/xpn/xwiki/web/LoginAction.java"
},
"id": "CVE-2022-36092-c3aa0687",
"deprecated": false,
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"180779849631488952180149728061634777179",
"96675754632867215347754697473477568995",
"157258088345616920533881466406792500343",
"25400634590730898626523997741880507946",
"108528306601871024792342374168286190331",
"217388699667895560558207770105824210962",
"62611156957476029916158049957341141037",
"48811371396501015343292239236447810032",
"286425907000469837085487031348115535824",
"216784920352055109888462277686677890082"
]
}
},
{
"source": "https://github.com/xwiki/xwiki-platform/commit/71a6d0bb6f8ab718fcfaae0e9b8c16c2d69cd4bb",
"signature_type": "Function",
"target": {
"function": "render",
"file": "xwiki-platform-core/xwiki-platform-oldcore/src/main/java/com/xpn/xwiki/web/LoginSubmitAction.java"
},
"id": "CVE-2022-36092-ec7f5d91",
"deprecated": false,
"signature_version": "v1",
"digest": {
"length": 243.0,
"function_hash": "75484395089046896113766431448288592295"
}
}
]