CVE-2025-32429 Scanner
CVE-2025-32429 Scanner - SQL Injection (SQLi) vulnerability in XWiki Platform
Short Info
Level
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 seconds
Time Interval
22 days 18 hours
Scan only one
URL
Toolbox
XWiki Platform is a generic wiki platform that is widely used for creating dynamic and flexible applications. It is utilized by developers and businesses to build custom wikis and collaborative projects. The platform provides runtime services and is known for its extensibility, allowing for the integration of numerous add-ons and plugins. XWiki promotes community collaboration and is often used in enterprises for sharing knowledge and documentation. Known for its adaptability, XWiki is an open-source solution that empowers users to tailor their wikis to specific organizational needs. It is a robust solution in environments that require efficient management of documentation and collaborative working spaces.
The vulnerability detected is an SQL Injection, which can have severe consequences if exploited. SQL Injection involves inserting or "injecting" SQL queries through the input data from the client to the application. This defect in XWiki Platform versions 9.4-rc-1 through 16.10.5 and 17.0.0-rc-1 through 17.2.2 enables attackers to inject SQL queries via the sort parameter. If leveraged, this could lead to data leakage, unauthorized database modifications, or even full compromise of the application. The vulnerability is particularly critical as it does not require authentication for exploitation.
Technically, the vulnerability exists in the sort parameter within the getdeleteddocuments.vm template. Exploiting this, an attack can inject SQL queries in the order by clause. This defect can trigger exceptions within the application, particularly noted by the presence of LiveDataException errors. Furthermore, the injected code can be used to manipulate database operations due to the improper validation and sanitization of fields within the application.
Exploitation of this vulnerability could lead to unauthorized access to sensitive data, modification or deletion of database entries, and potential compromise of other interconnected systems. In a worst-case scenario, attackers could gain further entry into the network or pivot to other systems, endangering the entire application environment. They could extract confidential information, disrupt services, and potentially execute commands on the server if not protected.
REFERENCES
