{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2022-41927","assignerOrgId":"a0819718-46f1-4df5-94e2-005712e83aaa","assignerShortName":"GitHub_M","dateUpdated":"2025-04-23T16:35:31.577Z","dateReserved":"2022-09-30T00:00:00.000Z","datePublished":"2022-11-23T00:00:00.000Z"},"containers":{"cna":{"title":"XWiki Platform vulnerable to Cross-Site Request Forgery (CSRF) allowing to delete or rename tags","providerMetadata":{"orgId":"a0819718-46f1-4df5-94e2-005712e83aaa","shortName":"GitHub_M","dateUpdated":"2022-11-23T00:00:00.000Z"},"descriptions":[{"lang":"en","value":"XWiki Platform is vulnerable to Cross-Site Request Forgery (CSRF) that may allow attackers to delete or rename tags without needing any confirmation. The problem has been patched in XWiki 13.10.7, 14.4.1 and 14.5RC1. Workarounds: It's possible to patch existing instances directly by editing the page Main.Tags and add this kind of check, in the code for renaming and for deleting: ``` #if (!$services.csrf.isTokenValid($request.get('form_token'))) #set ($discard = $response.sendError(401, \"Wrong CSRF token\")) #end ```"}],"affected":[{"vendor":"xwiki","product":"xwiki-platform","versions":[{"version":">= 3.2-milestone-2, < 13.10.7","status":"affected"},{"version":">= 14.0.0, < 14.4.1","status":"affected"}]}],"references":[{"url":"https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-mq7h-5574-hw9f"},{"url":"https://github.com/xwiki/xwiki-platform/commit/7fd4cda0590180c4d34f557597e9e10e263def9e"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE","baseScore":7.4,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-352: Cross-Site Request Forgery (CSRF)","cweId":"CWE-352"}]}],"source":{"advisory":"GHSA-mq7h-5574-hw9f","discovery":"UNKNOWN"}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-03T12:56:38.542Z"},"title":"CVE Program Container","references":[{"url":"https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-mq7h-5574-hw9f","tags":["x_transferred"]},{"url":"https://github.com/xwiki/xwiki-platform/commit/7fd4cda0590180c4d34f557597e9e10e263def9e","tags":["x_transferred"]}]},{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-04-23T13:54:05.395668Z","id":"CVE-2022-41927","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-04-23T16:35:31.577Z"}}]}}