PT-2022-16134 · Unknown · Xwiki Platform

Hightmortagne · Published 2022-02-09 · Updated 2023-06-27 · CVE-2022-23620

CVSS v3.1: 6.8 (Medium)
Vector: AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:H
Name of the Vulnerable Software and Affected Versions: XWiki Platform versions prior to 13.6-rc-1

Description: The issue arises from the AbstractSxExportURLFactoryActionHandler#processSx function not properly escaping SSX document references when serializing them to the filesystem. As a result, the HTML export can contain references carrying filesystem path syntax such as "../", "./", or "/" in general, which can lead to security issues.

Recommendations: For versions prior to 13.6-rc-1, update to version 13.6-rc-1 to resolve the issue. As a temporary workaround, consider limiting or disabling document export to minimize the risk of exploitation. Additionally, giving script or subwiki admin rights only to trusted people and disabling HTML/PDF export can serve as a workaround until the issue is resolved.
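The weakness described above is the general pattern of using a document reference verbatim as a filesystem name when writing an export. The following Python example is added here for illustration and is not XWiki's code: the reference format ("wiki:Space.Page"), the export root, and the function names are assumptions. It places the weak pattern (reference used as a path) beside a hardened one that percent-encodes the reference into a single path component and then verifies that the resulting path still resolves inside the export root.

```python
import posixpath
import urllib.parse

# Constructed export root for the example; a real exporter would use its own temp dir.
EXPORT_ROOT = "/tmp/xwiki-export"


def naive_sx_path(export_root: str, reference: str) -> str:
    """The weak pattern the advisory describes: the document reference is used
    as a path component verbatim, so "../" inside it walks out of the root."""
    return posixpath.normpath(posixpath.join(export_root, reference + ".css"))


def escape_reference(reference: str) -> str:
    """Turn a document reference into one filesystem-safe name.
    quote(safe="") percent-encodes "/", "\\" and ":"; "." is then encoded too,
    so the result can never be "." or ".." and never contains a separator."""
    return urllib.parse.quote(reference, safe="").replace(".", "%2E")


def is_within_root(export_root: str, path: str) -> bool:
    """Containment check: the normalized path must stay under export_root."""
    root = posixpath.normpath(export_root)
    target = posixpath.normpath(path)
    return posixpath.commonpath([root, target]) == root


def export_sx_path(export_root: str, reference: str) -> str:
    """Escape first, then verify; the verification is defence in depth in case
    a future change weakens the escaping."""
    path = posixpath.join(export_root, escape_reference(reference) + ".css")
    if not is_within_root(export_root, path):
        raise ValueError(f"refusing to write outside export root: {path}")
    return path


if __name__ == "__main__":
    # Constructed sample references: an ordinary page and one carrying path syntax.
    for ref in ["xwiki:Main.WebHome", "../outside"]:
        print(f"{ref!r:>22}  naive: {naive_sx_path(EXPORT_ROOT, ref)}")
        print(f"{'':>22}  safe : {export_sx_path(EXPORT_ROOT, ref)}")
```

The containment check is deliberately kept separate from the escaping: the escaping is what makes the name safe, while `is_within_root` is the invariant an export step should assert on every write regardless of how the name was produced.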

Weakness Enumeration

Improper Encoding or Escaping of Output
Path traversal

Related Identifiers

CVE-2022-23620
GHSA-7PH6-5CMQ-XGJQ

Affected Products

Xwiki Platform