Skip to content
Nuclei Templates

XWiki - Open Redirect

ID: CVE-2023-32068

Severity: medium

Author: ritikchaddha

Tags: cve,cve2023,xwiki,redirect

Description

Section titled “Description”

XWiki Platform is vulnerable to open redirect attacks due to improper validation of the xredirect parameter. This allows an attacker to redirect users to an arbitrary website. The vulnerability is patched in versions 14.10.4 and 15.0.

YAML Source

Section titled “YAML Source”
id: CVE-2023-32068


info:
  name: XWiki - Open Redirect
  author: ritikchaddha
  severity: medium
  description: |
    XWiki Platform is vulnerable to open redirect attacks due to improper validation of the xredirect parameter. This allows an attacker to redirect users to an arbitrary website. The vulnerability is patched in versions 14.10.4 and 15.0.
  impact: |
    An attacker can craft malicious URLs to redirect users to malicious websites.
  remediation: |
    Implement proper input validation and sanitize user-controlled input to prevent open redirect vulnerabilities.
  reference:
    - https://jira.xwiki.org/browse/XWIKI-20096
    - https://nvd.nist.gov/vuln/detail/CVE-2023-32068
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
    cvss-score: 6.1
    cve-id: CVE-2023-32068
    cwe-id: CWE-601
    epss-score: 0.00149
    epss-percentile: 0.50372
    cpe: cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: xwiki
    product: xwiki
    shodan-query: html:"data-xwiki-reference"
    fofa-query: body="data-xwiki-reference"
  tags: cve,cve2023,xwiki,redirect


http:
  - method: GET
    path:
      - "{{BaseURL}}/bin/login/XWiki/XWikiLogin?xredirect=//oast.me"


    matchers:
      - type: regex
        part: header
        regex:
          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_]*\.)?oast\.me(?:\s*?)$'
# digest: 4b0a004830460221008f86083ce29fea73f9372d63d5847ae68df6093bf76fc79b14344df09da9e221022100ff06c670ddcf3cac48e84a14cceeccf29fc3790fc370ff93cd3e5282ba5d4f21:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2023/CVE-2023-32068.yaml"

View on Github