Protect Your XWiki Platform from Rollback Attacks

CVE: CVE-2024-21648
CVSS v3.1: 8
Source: CVE-2024-21648

XWiki Platform is an open source wiki software that allows users to collaboratively edit and manage content. Researchers discovered a vulnerability in older versions of XWiki Platform that could allow attackers to gain unauthorized access.

The issue stems from a missing access control check when rolling back wiki pages to previous versions. By exploiting this, an attacker could roll back a page they no longer had access to and assume the permissions of whoever last edited that past version. This effectively grants the attacker rights they should no longer possess.

To perform such an attack, the bad actor would need access to roll back a targeted wiki page. From there, they could view or modify content they were previously restricted from. This poses a risk if sensitive organizational information is stored on a vulnerable XWiki wiki.
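The shape of the missing check, as a simplified model added for this post and not XWiki's own code: `Page`, `Version`, the `editors` set standing in for the page's access list and the user names are constructed assumptions, as is the rule that saved content is evaluated with its recorded author's rights (the mechanism described above). The vulnerable shape is shown beside the hardened one.

```python
from dataclasses import dataclass, field


class AccessDenied(Exception):
    """Raised when the acting user lacks the right the operation requires."""


@dataclass
class Version:
    content: str
    author: str  # assumed model: saved content is evaluated with this user's rights


@dataclass
class Page:
    name: str
    history: list = field(default_factory=list)   # Version objects, oldest first
    editors: set = field(default_factory=set)     # users allowed to edit right now


def rollback_unchecked(page: Page, user: str, index: int) -> Version:
    """Vulnerable shape: the acting user's current rights are never checked, and
    the restored revision keeps its historical author, so the content is
    evaluated with that author's rights rather than the rolling-back user's."""
    old = page.history[index]
    restored = Version(content=old.content, author=old.author)
    page.history.append(restored)
    return restored


def rollback_checked(page: Page, user: str, index: int) -> Version:
    """Hardened shape: require that the acting user holds edit right on the page
    now, and record that user as author of the restored revision so the content
    carries only the rights they currently have."""
    if user not in page.editors:
        raise AccessDenied(f"{user} may not edit {page.name}")
    old = page.history[index]
    restored = Version(content=old.content, author=user)
    page.history.append(restored)
    return restored


def make_page() -> Page:
    """Constructed sample: 'mallory' was removed from the page's editors, so
    only 'admin' may edit it now; an older revision was saved by 'admin'."""
    return Page(
        name="Sandbox.Secret",
        history=[
            Version("script-bearing content saved by admin (constructed)", "admin"),
            Version("plain text, nothing sensitive", "admin"),
        ],
        editors={"admin"},
    )
```

With `rollback_unchecked`, a removed editor can re-introduce the old revision and it is evaluated as `admin`; with `rollback_checked`, the same call is refused, and a legitimate editor's rollback is attributed to them.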

Luckily, developers have addressed this vulnerability in recent XWiki Platform releases 14.10.17, 15.5.3 and 15.8-rc-1. It’s important that users upgrade to one of these patched versions as soon as possible to close this security hole. Admins should also review page access logs for any suspicious activity indicating a rollback attack was attempted.

By keeping your XWiki software up to date, you can help prevent attackers from exploiting this and other issues to gain unauthorized access through rollback functionality. Staying vigilant about application security helps ensure your wiki collaboration remains open and safe for all users.
