CVE-2023-26478

Source
https://nvd.nist.gov/vuln/detail/CVE-2023-26478
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-26478.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-26478
Aliases
Published
2023-03-02T17:46:15Z
Modified
2025-10-26T04:05:34.392457Z
Severity
  • 6.6 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L CVSS Calculator
Summary
org.xwiki.platform:xwiki-platform-store-filesystem-oldcore has Exposed Dangerous Method or Function
Details

XWiki Platform is a generic wiki platform. Starting in version 14.3-rc-1, org.xwiki.store.script.TemporaryAttachmentsScriptService#uploadTemporaryAttachment returns an instance of com.xpn.xwiki.doc.XWikiAttachment. This class is not meant to be exposed to users who lack the programming right. com.xpn.xwiki.api.Attachment should be used instead, because it takes care of checking the user's rights before performing dangerous operations. This has been patched in versions 14.9-rc-1 and 14.4.6. There are no known workarounds for this issue.

Database specific
{
    "cwe_ids": [
        "CWE-749"
    ]
}
References

Affected packages

Git / github.com/xwiki/xwiki-commons

Affected ranges

Type
GIT
Repo
https://github.com/xwiki/xwiki-commons
Events

Git / github.com/xwiki/xwiki-platform

Affected ranges

Type
GIT
Repo
https://github.com/xwiki/xwiki-platform
Events
Introduced
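0 Unknown introduced commit / All previous commits are affected (the Details text states the issue starts in version 14.3-rc-1, so this range is broader than the advisory describes)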
Fixed

Affected versions

xwiki-application-calendar-1.*

xwiki-application-calendar-1.0

xwiki-platform-7.*

xwiki-platform-7.3-milestone-2
xwiki-platform-7.4-milestone-1
xwiki-platform-7.4-milestone-2

xwiki-platform-8.*

xwiki-platform-8.0-milestone-1
xwiki-platform-8.0-milestone-2
xwiki-platform-8.1-milestone-1
xwiki-platform-8.1-milestone-2
xwiki-platform-8.2-milestone-1
xwiki-platform-8.2-milestone-2
xwiki-platform-8.3-milestone-1

xwiki-platform-9.*

xwiki-platform-9.9-rc-2

xwiki-plugin-tag-1.*

xwiki-plugin-tag-1.1

Database specific

vanir_signatures

[
    {
        "source": "https://github.com/xwiki/xwiki-platform/commit/3c73c59e39b6436b1074d8834cf276916010014d",
        "target": {
            "function": "uploadAttachment",
            "file": "xwiki-platform-core/xwiki-platform-store/xwiki-platform-store-filesystem-oldcore/src/test/java/org/xwiki/store/filesystem/internal/DefaultTemporaryAttachmentSessionsManagerTest.java"
        },
        "deprecated": false,
        "id": "CVE-2023-26478-3939d711",
        "signature_version": "v1",
        "signature_type": "Function",
        "digest": {
            "length": 1418.0,
            "function_hash": "155883122412633476734446493562193450448"
        }
    },
    {
        "source": "https://github.com/xwiki/xwiki-platform/commit/3c73c59e39b6436b1074d8834cf276916010014d",
        "target": {
            "function": "uploadAttachment",
            "file": "xwiki-platform-core/xwiki-platform-store/xwiki-platform-store-filesystem-oldcore/src/main/java/org/xwiki/store/filesystem/internal/DefaultTemporaryAttachmentSessionsManager.java"
        },
        "deprecated": false,
        "id": "CVE-2023-26478-4aff8cfb",
        "signature_version": "v1",
        "signature_type": "Function",
        "digest": {
            "length": 672.0,
            "function_hash": "42048341040674529034290269822830072259"
        }
    },
    {
        "source": "https://github.com/xwiki/xwiki-platform/commit/3c73c59e39b6436b1074d8834cf276916010014d",
        "target": {
            "file": "xwiki-platform-core/xwiki-platform-store/xwiki-platform-store-filesystem-oldcore/src/main/java/org/xwiki/store/script/TemporaryAttachmentsScriptService.java"
        },
        "deprecated": false,
        "id": "CVE-2023-26478-5f24b082",
        "signature_version": "v1",
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "90732898407872512606056224892089399837",
                "150330956890593192686701608737684319289",
                "21449327502105107314310889989651829535",
                "195818988841616114941333712828859057830",
                "22409579886776972554664662533811822480",
                "185684644920597146439329304777352192921",
                "121051181293881163801553237611145641384",
                "278516662316752092769408661004299239951",
                "234039099419727715603805807587141584352",
                "14103097810875209856722578945508050522",
                "326856608607242267732138617372778005681",
                "100436382224290662443303627231746405864",
                "123140649653947184401813785230014065435",
                "334242165505347066557684267693510328593",
                "28860825527599968857085331538437803698",
                "178083422401120788458903476408022469181",
                "265123490321942392512017695494912388264",
                "234786247430480964608420573382040446843",
                "154144563227695864634328558191451756512",
                "142700265158099544714163645311154971444",
                "302730711719111797215721477439800802311",
                "143456924728283197764025222071463934950",
                "289605569773853138272182476941476368635",
                "259162778386417063468557418042811599145",
                "177586603177000158624681454513142032021",
                "233291504611408829874593365032094564341",
                "202720542349540254378733800290711404891",
                "30800749679817868572977217617147515340"
            ]
        }
    },
    {
        "source": "https://github.com/xwiki/xwiki-platform/commit/3c73c59e39b6436b1074d8834cf276916010014d",
        "target": {
            "file": "xwiki-platform-core/xwiki-platform-store/xwiki-platform-store-filesystem-oldcore/src/test/java/org/xwiki/store/filesystem/internal/DefaultTemporaryAttachmentSessionsManagerTest.java"
        },
        "deprecated": false,
        "id": "CVE-2023-26478-74f599ec",
        "signature_version": "v1",
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "138431497083985795484075614495978299305",
                "324180225554221716265363034556073702927",
                "159113653469603075496769891231938942826",
                "66583740093708104698884157838490321333",
                "138673137280947762897493322531188810386",
                "68035485954405445188167317869073947916",
                "297188380109345547674677892297619956892",
                "249024683691710693912364920890812076411",
                "179287147471590080715230212769018973156",
                "139125247346167903979977461937359597989",
                "223597510376668433628292399298317817926",
                "103316867255013433903531016016042985042",
                "148120680160857816231908125717244970068",
                "120501514880222270354163922797286990353",
                "291109152239957317965986146813648514583",
                "311462059951041109221448418574365883861",
                "334879115508477983428653292812149121746",
                "163963316873803725592797886618694583744",
                "255626990567937590960687188184885545761",
                "269231881778760414262966019102423275019",
                "339561715173324889055898959566478195334",
                "318701797470459296600032781646643858918",
                "321713713264635326912192722176291786836",
                "123369077093512989420412178612179153001",
                "307822255249765670186912824412429502220",
                "235147173606726988576909136993249495955",
                "189132561348829793801611652645230526605",
                "248887920928295193464784600083042772766"
            ]
        }
    },
    {
        "source": "https://github.com/xwiki/xwiki-platform/commit/3c73c59e39b6436b1074d8834cf276916010014d",
        "target": {
            "function": "uploadTemporaryAttachment",
            "file": "xwiki-platform-core/xwiki-platform-store/xwiki-platform-store-filesystem-oldcore/src/main/java/org/xwiki/store/script/TemporaryAttachmentsScriptService.java"
        },
        "deprecated": false,
        "id": "CVE-2023-26478-7befa7b7",
        "signature_version": "v1",
        "signature_type": "Function",
        "digest": {
            "length": 600.0,
            "function_hash": "325387706672250328865803087794072818317"
        }
    },
    {
        "source": "https://github.com/xwiki/xwiki-platform/commit/3c73c59e39b6436b1074d8834cf276916010014d",
        "target": {
            "file": "xwiki-platform-core/xwiki-platform-store/xwiki-platform-store-filesystem-oldcore/src/main/java/org/xwiki/store/filesystem/internal/DefaultTemporaryAttachmentSessionsManager.java"
        },
        "deprecated": false,
        "id": "CVE-2023-26478-c612910f",
        "signature_version": "v1",
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "278516662316752092769408661004299239951",
                "55076876934246036598599593648699663",
                "297073376410948909799482362099351756409",
                "82467129399590227047405593145939176635",
                "336469159892510744154884485561460942473",
                "110807099317004936965741568791764491625",
                "130366479391956983550011657250779121839",
                "198317991280639410338283284713349491556"
            ]
        }
    }
]