This is a summary of the AI-generated 10-question deep analysis of the XWiki Platform advisory `GHSA-7fqr-97j7-jgf4`. The full version (longer answers, follow-up Q&A, related CVEs) requires login.
Q1. What is this vulnerability? (Essence + Consequences)
**Essence**: a critical information leak in XWiki Platform's Solr-based search. **Consequences**: all document content is exposed to anyone who can reach the search endpoint. The wiki's internal data, including pages that are protected by view rights, is fully readable.
Q2. Root cause? (CWE/Flaw)
**CWE-285**: Improper Authorization. **Flaw**: the Solr-based search API does not apply XWiki's view-right checks to what it returns. It serves indexed fields, including the raw document content field `doccontentraw`, to any caller without verifying that the user is allowed to see those documents.
Q3. Who is affected? (Versions/Components)
**Vendor**: XWiki. **Affected versions**: 6.3-milestone-2 through 14.10.15, and 15.0-rc-1 through 15.5.1 (both ranges inclusive). Check your running version against these ranges immediately; anything inside them is exposed.
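To make "check your version" mechanical, here is an added Python example (not from this page and not XWiki's own code) that parses XWiki version strings, including the `-milestone-N` and `-rc-N` qualifiers used in the ranges above, and tests them against those two ranges. The ranges are taken verbatim from this summary; the qualifier ordering (milestone before rc before final release) is an assumption based on Maven-style versioning.

```python
import re

# Affected ranges exactly as stated in this summary (inclusive bounds).
AFFECTED_RANGES = [
    ("6.3-milestone-2", "14.10.15"),
    ("15.0-rc-1", "15.5.1"),
]

# Pre-release qualifier ordering. ASSUMPTION: milestone < rc < final release,
# as in Maven-style versioning; any other qualifier (e.g. SNAPSHOT) sorts
# between rc and the final release.
_QUALIFIER_RANK = {"milestone": 0, "rc": 1}
_OTHER_PRERELEASE_RANK = 2
_FINAL_RANK = 9

_VERSION_RE = re.compile(r"(\d+(?:\.\d+)*)(?:-([A-Za-z]+)-?(\d+)?)?")


def parse_xwiki_version(text):
    """Turn '15.0-rc-1' into a comparable tuple: (numbers, qualifier rank, qualifier number).

    Numbers are padded to three components so that '14.10' and '14.10.0' compare equal.
    """
    m = _VERSION_RE.fullmatch(text.strip())
    if not m:
        raise ValueError(f"unrecognised XWiki version string: {text!r}")
    numbers = tuple(int(part) for part in m.group(1).split("."))
    numbers += (0,) * (3 - len(numbers))
    qualifier, qualifier_number = m.group(2), m.group(3)
    if qualifier is None:
        return numbers, _FINAL_RANK, 0
    rank = _QUALIFIER_RANK.get(qualifier.lower(), _OTHER_PRERELEASE_RANK)
    return numbers, rank, int(qualifier_number or 0)


def is_affected(version):
    """True if `version` falls inside any affected range (bounds inclusive)."""
    parsed = parse_xwiki_version(version)
    return any(
        parse_xwiki_version(low) <= parsed <= parse_xwiki_version(high)
        for low, high in AFFECTED_RANGES
    )


def triage(versions):
    """Map each version string to 'affected' / 'not affected' for quick reporting."""
    return {v: ("affected" if is_affected(v) else "not affected") for v in versions}


if __name__ == "__main__":
    sample = ["14.10.15", "14.10.16", "15.0-rc-1", "15.5.1", "15.5.2", "6.3-milestone-1"]
    for version, verdict in triage(sample).items():
        print(f"{version:>16}: {verdict}")
```

Feed it the version string shown by your XWiki instance; the boundaries matter, so `14.10.16` and `15.5.2` sit just outside the ranges while `15.0-rc-1` and `6.3-milestone-2` sit just inside them.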
Q4. What can attackers do? (Privileges/Data)
**Attackers can**: read all wiki documents, regardless of the view rights set on them. **Data exposed**: titles, document references, links and raw content. **Not exposed**: password hashes, for the most part. That is still a massive breach: every confidential page, draft and restricted space becomes readable.
Q5. Is the exploitation threshold high? (Auth/Config)
**Threshold**: LOW. **Auth**: none required in a default installation, where the search endpoint is reachable by unauthenticated users. **UI**: none needed; a single crafted HTTP request to the endpoint is enough. If you can reach the server, you can read the data.
Q6. Is there a public exploit? (PoC/Wild exploitation)
**Public exploit**: YES. **PoC**: a Nuclei template exists in `projectdiscovery/nuclei-templates`. Because it only needs the Solr query endpoint, it is trivial to run at scale, so assume that any internet-facing instance in the affected range has already been probed.
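Since a public template makes scanning cheap, the practical follow-up to Q6 is to check your own access logs for hits against the endpoint. The following is an added Python example (not from this page, the Nuclei template, or XWiki) that parses combined-format web server log lines, decodes the request, flags calls to the `SuggestSolrService` document, and rates each hit by whether the request asks for the `doccontentraw` field or a match-all (`*:*`) Solr query and succeeded with HTTP 200. The sample log lines are constructed for this example and the query-parameter layout in them is an assumption; the detection deliberately keys only on the endpoint name and the decoded request text, not on particular parameter names.

```python
import re
from collections import Counter
from urllib.parse import unquote_plus

# Constructed sample lines in Apache/nginx "combined" format. These are NOT real logs,
# and the query-parameter names are an assumption made for the example.
SAMPLE_LOG = """\
203.0.113.7 - - [02/Jan/2024:10:15:02 +0000] "GET /xwiki/bin/get/XWiki/SuggestSolrService?query=q%3D*%3A*&nb=1000&fl=doccontentraw HTTP/1.1" 200 54321 "-" "curl/8.4.0"
198.51.100.9 - - [02/Jan/2024:10:15:05 +0000] "GET /xwiki/bin/view/Main/ HTTP/1.1" 200 1234 "-" "Mozilla/5.0"
203.0.113.7 - - [02/Jan/2024:10:15:07 +0000] "GET /bin/get/XWiki/SuggestSolrService?query=q%3D*%3A*&fl=doccontentraw&media=json HTTP/1.1" 200 99999 "-" "python-requests/2.31"
192.0.2.33 - - [02/Jan/2024:10:16:00 +0000] "GET /xwiki/bin/get/XWiki/SuggestSolrService?query=q%3Dtitle%3Aroadmap&nb=5 HTTP/1.1" 200 412 "https://wiki.example.test/" "Mozilla/5.0"
"""

# Minimal combined-log parser: client IP, timestamp, method, request target, status, size.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" '
    r"(?P<status>\d{3}) (?P<size>\d+|-)"
)

# Match the XWiki document name at the end of the path, whatever the prefix
# (context path, short URLs, etc.), after URL decoding.
ENDPOINT_RE = re.compile(r"/xwiki/suggestsolrservice$", re.IGNORECASE)


def decode_fully(text, rounds=3):
    """Undo up to `rounds` layers of percent-encoding; Solr parameters may be nested-encoded."""
    for _ in range(rounds):
        decoded = unquote_plus(text)
        if decoded == text:
            break
        text = decoded
    return text


def classify_request(target):
    """Return None if the request is not for the endpoint, else a list of dump indicators."""
    path, _, query = target.partition("?")
    if not ENDPOINT_RE.search(decode_fully(path)):
        return None
    decoded_query = decode_fully(query)
    indicators = []
    if "doccontentraw" in decoded_query.lower():
        indicators.append("doccontentraw requested")
    if "*:*" in decoded_query:
        indicators.append("match-all query")
    return indicators


def scan_access_log(text):
    """Parse log lines and return one finding per request that touched the endpoint."""
    findings = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        indicators = classify_request(m["target"])
        if indicators is None:
            continue
        size = int(m["size"]) if m["size"].isdigit() else 0
        findings.append({
            "ip": m["ip"],
            "ts": m["ts"],
            "status": int(m["status"]),
            "bytes": size,
            "indicators": indicators,
            # A successful request with a dump indicator is the signal worth paging on;
            # an ordinary suggestion query is recorded for context only.
            "severity": "high" if indicators and m["status"] == "200" else "info",
        })
    return findings


def summarize(findings):
    """Count high-severity hits per source IP."""
    return Counter(f["ip"] for f in findings if f["severity"] == "high")


if __name__ == "__main__":
    results = scan_access_log(SAMPLE_LOG)
    for f in results:
        print(f"{f['severity']:<5} {f['ip']:<14} {f['ts']} {f['bytes']:>6}B {', '.join(f['indicators']) or 'plain suggest query'}")
    print("high-severity hits per IP:", dict(summarize(results)))
```

Large response sizes on the high-severity rows are the tell that content actually left the server, not just that the endpoint was probed; carry the `bytes` column into your incident notes.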
**Fixed**: YES. **Patch**: official fix commits exist and the advisory is published as `GHSA-7fqr-97j7-jgf4`. Update to a version outside the affected ranges as soon as possible.
Q9. What if no patch? (Workaround)
**No patch?** Block external access to the Solr suggest service endpoint until you can upgrade. **Mitigation**: deny requests to `/xwiki/bin/get/XWiki/SuggestSolrService` at the reverse proxy, WAF or firewall. Two caveats: adapt the path to your deployment (a different context path, or an XWiki short-URL setup that drops the `/xwiki/bin` prefix), and match on the decoded request path rather than the literal string, since percent-encoded variants of the name resolve to the same document. Blocking the endpoint also disables search suggestions for legitimate users, so treat it as a stopgap, not a fix.
Q10. Is it urgent? (Priority suggestion)
**Urgency**: HIGH. **Priority**: CRITICAL. This is a publicly exploitable information leak that needs no authentication and has a ready-made scanner template. Patch immediately; if you cannot, apply the endpoint block from Q9 and review your access logs for earlier hits.