All the vulnerabilities related to YesWiki - yeswiki
cve-2025-24019
Vulnerability from cvelistv5
Published
2025-01-21 17:36
Modified
2025-02-12 20:41
Summary
YesWiki vulnerable to authenticated arbitrary file deletion (any authenticated user can delete files via the filemanager; impact depends on whether the PHP-FPM user owns the wiki's PHP files — fixed in 4.5.0)
References
▼ | URL | Tags |
---|---|---|
https://github.com/YesWiki/yeswiki/security/advisories/GHSA-43c9-gw4x-pcx6 | x_refsource_CONFIRM | |
https://github.com/YesWiki/yeswiki/commit/3ddd833d22703caf9025659eb174f7765df7147c | x_refsource_MISC |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-24019", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-01-21T18:57:51.401654Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-02-12T20:41:22.176Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "yeswiki", "vendor": "YesWiki", "versions": [ { "status": "affected", "version": "\u003c 4.5.0" } ] } ], "descriptions": [ { "lang": "en", "value": "YesWiki is a wiki system written in PHP. In versions up to and including 4.4.5, it is possible for any authenticated user, through the use of the filemanager to delete any file owned by the user running the FastCGI Process Manager (FPM) on the host without any limitation on the filesystem\u0027s scope. This vulnerability allows any authenticated user to arbitrarily remove content from the Wiki resulting in partial loss of data and defacement/deterioration of the website. In the context of a container installation of YesWiki without any modification, the `yeswiki` files (for example .php) are not owned by the same user (root) as the one running the FPM process (www-data). However in a standard installation, www-data may also be the owner of the PHP files, allowing a malicious user to completely cut the access to the wiki by deleting all important PHP files (like index.php or core files of YesWiki). Version 4.5.0 contains a patch for this issue." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-22", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-01-21T17:36:10.367Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/YesWiki/yeswiki/security/advisories/GHSA-43c9-gw4x-pcx6", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/YesWiki/yeswiki/security/advisories/GHSA-43c9-gw4x-pcx6" }, { "name": "https://github.com/YesWiki/yeswiki/commit/3ddd833d22703caf9025659eb174f7765df7147c", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/YesWiki/yeswiki/commit/3ddd833d22703caf9025659eb174f7765df7147c" } ], "source": { "advisory": "GHSA-43c9-gw4x-pcx6", "discovery": "UNKNOWN" }, "title": "YesWiki vulnerable to authenticated arbitrary file deletion" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2025-24019", "datePublished": "2025-01-21T17:36:10.367Z", "dateReserved": "2025-01-16T17:31:06.459Z", "dateUpdated": "2025-02-12T20:41:22.176Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-51478
Vulnerability from cvelistv5
Published
2024-10-31 16:15
Modified
2024-10-31 16:51
Summary
Use of a Broken or Risky Cryptographic Algorithm in YesWiki (weak hash with a hard-coded salt makes the password-reset key recoverable, allowing an unauthenticated attacker to reset any account's password — fixed in 4.4.5)
References
▼ | URL | Tags |
---|---|---|
https://github.com/YesWiki/yeswiki/security/advisories/GHSA-4fvx-h823-38v3 | x_refsource_CONFIRM | |
https://github.com/YesWiki/yeswiki/commit/b5a8f93b87720d5d5f033a4b3a131ce0fb621dbc | x_refsource_MISC | |
https://github.com/YesWiki/yeswiki/commit/e1285709f6f6a2277bd0075acf369f33cefd78f7 | x_refsource_MISC |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:yeswiki:yeswiki:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "yeswiki", "vendor": "yeswiki", "versions": [ { "lessThan": "4.4.5", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-51478", "options": [ { "Exploitation": "poc" }, { "Automatable": "yes" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-10-31T16:50:17.636181Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-31T16:51:13.578Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "yeswiki", "vendor": "YesWiki", "versions": [ { "status": "affected", "version": "\u003c 4.4.5" } ] } ], "descriptions": [ { "lang": "en", "value": "YesWiki is a wiki system written in PHP. Prior to 4.4.5, the use of a weak cryptographic algorithm and a hard-coded salt to hash the password reset key allows it to be recovered and used to reset the password of any account. This issue is fixed in 4.4.5." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 9.9, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-327", "description": "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-31T16:15:46.811Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/YesWiki/yeswiki/security/advisories/GHSA-4fvx-h823-38v3", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/YesWiki/yeswiki/security/advisories/GHSA-4fvx-h823-38v3" }, { "name": "https://github.com/YesWiki/yeswiki/commit/b5a8f93b87720d5d5f033a4b3a131ce0fb621dbc", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/YesWiki/yeswiki/commit/b5a8f93b87720d5d5f033a4b3a131ce0fb621dbc" }, { "name": "https://github.com/YesWiki/yeswiki/commit/e1285709f6f6a2277bd0075acf369f33cefd78f7", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/YesWiki/yeswiki/commit/e1285709f6f6a2277bd0075acf369f33cefd78f7" } ], "source": { "advisory": "GHSA-4fvx-h823-38v3", "discovery": "UNKNOWN" }, "title": "Use of a Broken or Risky Cryptographic Algorithm in YesWiki" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2024-51478", "datePublished": "2024-10-31T16:15:46.811Z", "dateReserved": "2024-10-28T14:20:59.335Z", "dateUpdated": "2024-10-31T16:51:13.578Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-43091
Vulnerability from cvelistv5
Published
2022-03-25 16:14
Modified
2024-08-04 03:47
Summary
An SQL Injection vulnerability exists in YesWiki doryphore 20211012 via the email parameter in the registration form.
References
▼ | URL | Tags |
---|---|---|
https://huntr.dev/bounties/07f245a7-ee9f-4b55-a0cc-13d5cb1be6e0/ | x_refsource_MISC | |
https://github.com/yeswiki/yeswiki/commit/c9785f9a92744c3475f9676a0d8f95de24750094 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T03:47:13.504Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://huntr.dev/bounties/07f245a7-ee9f-4b55-a0cc-13d5cb1be6e0/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/yeswiki/yeswiki/commit/c9785f9a92744c3475f9676a0d8f95de24750094" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "An SQL Injection vlnerability exits in Yeswiki doryphore 20211012 via the email parameter in the registration form." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-03-25T16:14:57", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://huntr.dev/bounties/07f245a7-ee9f-4b55-a0cc-13d5cb1be6e0/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/yeswiki/yeswiki/commit/c9785f9a92744c3475f9676a0d8f95de24750094" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-43091", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An SQL Injection vlnerability exits in Yeswiki doryphore 20211012 via the email parameter in the registration form." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://huntr.dev/bounties/07f245a7-ee9f-4b55-a0cc-13d5cb1be6e0/", "refsource": "MISC", "url": "https://huntr.dev/bounties/07f245a7-ee9f-4b55-a0cc-13d5cb1be6e0/" }, { "name": "https://github.com/yeswiki/yeswiki/commit/c9785f9a92744c3475f9676a0d8f95de24750094", "refsource": "MISC", "url": "https://github.com/yeswiki/yeswiki/commit/c9785f9a92744c3475f9676a0d8f95de24750094" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-43091", "datePublished": "2022-03-25T16:14:57", "dateReserved": "2021-11-01T00:00:00", "dateUpdated": "2024-08-04T03:47:13.504Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2025-31131
Vulnerability from cvelistv5
Published
2025-04-01 14:56
Modified
2025-04-01 16:11
Summary
Unauthenticated path traversal via the `squelette` parameter allowing arbitrary file read in YesWiki (fixed in 4.5.2)
References
▼ | URL | Tags |
---|---|---|
https://github.com/YesWiki/yeswiki/security/advisories/GHSA-w34w-fvp3-68xm | x_refsource_CONFIRM | |
https://github.com/YesWiki/yeswiki/commit/f78c915369a60c74ab8f38561ae93a4aaca9b989 | x_refsource_MISC |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-31131", "options": [ { "Exploitation": "poc" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-04-01T16:09:50.000638Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-04-01T16:11:20.111Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "yeswiki", "vendor": "YesWiki", "versions": [ { "status": "affected", "version": "\u003c 4.5.2" } ] } ], "descriptions": [ { "lang": "en", "value": "YesWiki is a wiki system written in PHP. The squelette parameter is vulnerable to path traversal attacks, enabling read access to arbitrary files on the server. This vulnerability is fixed in 4.5.2." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-22", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-04-01T14:56:45.222Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/YesWiki/yeswiki/security/advisories/GHSA-w34w-fvp3-68xm", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/YesWiki/yeswiki/security/advisories/GHSA-w34w-fvp3-68xm" }, { "name": "https://github.com/YesWiki/yeswiki/commit/f78c915369a60c74ab8f38561ae93a4aaca9b989", "tags": [ "x_refsource_MISC" ], "url": 
"https://github.com/YesWiki/yeswiki/commit/f78c915369a60c74ab8f38561ae93a4aaca9b989" } ], "source": { "advisory": "GHSA-w34w-fvp3-68xm", "discovery": "UNKNOWN" }, "title": "Path Traversal allowing arbitrary read of files in Yeswiki" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2025-31131", "datePublished": "2025-04-01T14:56:45.222Z", "dateReserved": "2025-03-26T15:04:52.627Z", "dateUpdated": "2025-04-01T16:11:20.111Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2025-24018
Vulnerability from cvelistv5
Published
2025-01-21 17:02
Modified
2025-01-21 17:15
Summary
YesWiki Vulnerable to Authenticated Stored XSS
References
▼ | URL | Tags |
---|---|---|
https://github.com/YesWiki/yeswiki/security/advisories/GHSA-w59h-3x3q-3p6j | x_refsource_CONFIRM | |
https://github.com/YesWiki/yeswiki/commit/c1e28b59394957902c31c850219e4504a20db98b | x_refsource_MISC | |
https://github.com/YesWiki/yeswiki/blob/v4.4.5/tools/attach/libs/attach.lib.php#L660 | x_refsource_MISC |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-24018", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-01-21T17:15:18.637531Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-01-21T17:15:37.955Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "references": [ { "tags": [ "exploit" ], "url": "https://github.com/YesWiki/yeswiki/security/advisories/GHSA-w59h-3x3q-3p6j" } ], "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "yeswiki", "vendor": "YesWiki", "versions": [ { "status": "affected", "version": "\u003c 4.5.0" } ] } ], "descriptions": [ { "lang": "en", "value": "YesWiki is a wiki system written in PHP. In versions up to and including 4.4.5, it is possible for an authenticated user with rights to edit/create a page or comment to trigger a stored XSS which will be reflected on any page where the resource is loaded. The vulnerability makes use of the content edition feature and more specifically of the `{{attach}}` component allowing users to attach files/medias to a page. When a file is attached using the `{{attach}}` component, if the resource contained in the `file` attribute doesn\u0027t exist, then the server will generate a file upload button containing the filename. This vulnerability allows any malicious authenticated user that has the right to create a comment or edit a page to be able to steal accounts and therefore modify pages, comments, permissions, extract user data (emails), thus impacting the integrity, availability and confidentiality of a YesWiki instance. Version 4.5.0 contains a patch for the issue." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.6, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-01-21T17:02:04.924Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/YesWiki/yeswiki/security/advisories/GHSA-w59h-3x3q-3p6j", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/YesWiki/yeswiki/security/advisories/GHSA-w59h-3x3q-3p6j" }, { "name": "https://github.com/YesWiki/yeswiki/commit/c1e28b59394957902c31c850219e4504a20db98b", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/YesWiki/yeswiki/commit/c1e28b59394957902c31c850219e4504a20db98b" }, { "name": "https://github.com/YesWiki/yeswiki/blob/v4.4.5/tools/attach/libs/attach.lib.php#L660", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/YesWiki/yeswiki/blob/v4.4.5/tools/attach/libs/attach.lib.php#L660" } ], "source": { "advisory": "GHSA-w59h-3x3q-3p6j", "discovery": "UNKNOWN" }, "title": "YesWiki Vulnerable to Authenticated Stored XSS" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2025-24018", "datePublished": "2025-01-21T17:02:04.924Z", "dateReserved": "2025-01-16T17:31:06.459Z", "dateUpdated": "2025-01-21T17:15:37.955Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2025-46349
Vulnerability from cvelistv5
Published
2025-04-29 17:11
Modified
2025-04-29 18:01
Summary
YesWiki Vulnerable to Unauthenticated Reflected Cross-site Scripting
References
▼ | URL | Tags |
---|---|---|
https://github.com/YesWiki/yeswiki/security/advisories/GHSA-2f8p-qqx2-gwr2 | x_refsource_CONFIRM | |
https://github.com/YesWiki/yeswiki/pull/1264/commits/6edde40eb7eeb5d60619ac4d1e0a0422d92e9524 | x_refsource_MISC |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-46349", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-04-29T18:01:18.455461Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-04-29T18:01:20.769Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "references": [ { "tags": [ "exploit" ], "url": "https://github.com/YesWiki/yeswiki/security/advisories/GHSA-2f8p-qqx2-gwr2" } ], "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "yeswiki", "vendor": "YesWiki", "versions": [ { "status": "affected", "version": "\u003c 4.5.4" } ] } ], "descriptions": [ { "lang": "en", "value": "YesWiki is a wiki system written in PHP. Prior to version 4.5.4, YesWiki is vulnerable to reflected XSS in the file upload form. This vulnerability allows any malicious unauthenticated user to create a link that can be clicked on by the victim to perform arbitrary actions. This issue has been patched in version 4.5.4." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.6, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-04-29T17:11:10.679Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/YesWiki/yeswiki/security/advisories/GHSA-2f8p-qqx2-gwr2", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/YesWiki/yeswiki/security/advisories/GHSA-2f8p-qqx2-gwr2" }, { "name": "https://github.com/YesWiki/yeswiki/pull/1264/commits/6edde40eb7eeb5d60619ac4d1e0a0422d92e9524", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/YesWiki/yeswiki/pull/1264/commits/6edde40eb7eeb5d60619ac4d1e0a0422d92e9524" } ], "source": { "advisory": "GHSA-2f8p-qqx2-gwr2", "discovery": "UNKNOWN" }, "title": "YesWiki Vulnerable to Unauthenticated Reflected Cross-site Scripting" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2025-46349", "datePublished": "2025-04-29T17:11:10.679Z", "dateReserved": "2025-04-22T22:41:54.913Z", "dateUpdated": "2025-04-29T18:01:20.769Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-1000641
Vulnerability from cvelistv5
Published
2018-08-20 19:00
Modified
2024-09-16 23:26
Summary
YesWiki version <= cercopitheque beta 1 contains a PHP Object Injection vulnerability: a user-supplied parameter is passed to unserialize() in i18n.inc.php, which can result in code execution and information disclosure.
References
▼ | URL | Tags |
---|---|---|
https://github.com/YesWiki/yeswiki/issues/356 | x_refsource_MISC | |
https://0dd.zone/2018/08/05/YesWiki-Object-Injection/ | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T12:40:47.890Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/YesWiki/yeswiki/issues/356" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://0dd.zone/2018/08/05/YesWiki-Object-Injection/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "dateAssigned": "2018-08-19T00:00:00", "descriptions": [ { "lang": "en", "value": "YesWiki version \u003c= cercopitheque beta 1 contains a PHP Object Injection vulnerability in Unserialising user entered parameter in i18n.inc.php that can result in execution of code, disclosure of information." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-08-20T19:00:00Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/YesWiki/yeswiki/issues/356" }, { "tags": [ "x_refsource_MISC" ], "url": "https://0dd.zone/2018/08/05/YesWiki-Object-Injection/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "DATE_ASSIGNED": "2018-08-19T17:09:33.141498", "DATE_REQUESTED": "2018-08-08T12:58:09", "ID": "CVE-2018-1000641", "REQUESTER": "sajeeb@0dd.zone", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "YesWiki version \u003c= cercopitheque beta 1 contains a PHP Object Injection vulnerability in Unserialising user 
entered parameter in i18n.inc.php that can result in execution of code, disclosure of information." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/YesWiki/yeswiki/issues/356", "refsource": "MISC", "url": "https://github.com/YesWiki/yeswiki/issues/356" }, { "name": "https://0dd.zone/2018/08/05/YesWiki-Object-Injection/", "refsource": "MISC", "url": "https://0dd.zone/2018/08/05/YesWiki-Object-Injection/" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-1000641", "datePublished": "2018-08-20T19:00:00Z", "dateReserved": "2018-08-20T00:00:00Z", "dateUpdated": "2024-09-16T23:26:13.685Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2025-46348
Vulnerability from cvelistv5
Published
2025-04-29 20:39
Modified
2025-04-29 20:39
Summary
YesWiki Vulnerable to Unauthenticated Site Backup Creation and Download (backup archives have predictable filenames, so an unauthenticated attacker can both exhaust disk space and download an archive of site data — fixed in 4.5.4)
References
▼ | URL | Tags |
---|---|---|
https://github.com/YesWiki/yeswiki/security/advisories/GHSA-wc9g-6j9w-hr95 | x_refsource_CONFIRM | |
https://github.com/YesWiki/yeswiki/commit/0d4efc880a727599fa4f6d7a64cc967afe475530 | x_refsource_MISC |
{ "containers": { "cna": { "affected": [ { "product": "yeswiki", "vendor": "YesWiki", "versions": [ { "status": "affected", "version": "\u003c 4.5.4" } ] } ], "descriptions": [ { "lang": "en", "value": "YesWiki is a wiki system written in PHP. Prior to version 4.5.4, the request to commence a site backup can be performed and downloaded without authentication. The archives are created with a predictable filename, so a malicious user could create and download an archive without being authenticated. This could result in a malicious attacker making numerous requests to create archives and fill up the file system, or by downloading the archive which contains sensitive site information. This issue has been patched in version 4.5.4." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-287", "description": "CWE-287: Improper Authentication", "lang": "en", "type": "CWE" } ] }, { "descriptions": [ { "cweId": "CWE-862", "description": "CWE-862: Missing Authorization", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-04-29T20:39:40.423Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/YesWiki/yeswiki/security/advisories/GHSA-wc9g-6j9w-hr95", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/YesWiki/yeswiki/security/advisories/GHSA-wc9g-6j9w-hr95" }, { "name": "https://github.com/YesWiki/yeswiki/commit/0d4efc880a727599fa4f6d7a64cc967afe475530", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/YesWiki/yeswiki/commit/0d4efc880a727599fa4f6d7a64cc967afe475530" } ], 
"source": { "advisory": "GHSA-wc9g-6j9w-hr95", "discovery": "UNKNOWN" }, "title": "YesWiki Vulnerable to Unauthenticated Site Backup Creation and Download" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2025-46348", "datePublished": "2025-04-29T20:39:40.423Z", "dateReserved": "2025-04-22T22:41:54.913Z", "dateUpdated": "2025-04-29T20:39:40.423Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2025-46550
Vulnerability from cvelistv5
Published
2025-04-29 20:41
Modified
2025-04-29 20:41
Summary
YesWiki Vulnerable to Unauthenticated Reflected Cross-site Scripting via the `idformulaire` parameter of the `/?BazaR` endpoint (fixed in 4.5.4)
References
▼ | URL | Tags |
---|---|---|
https://github.com/YesWiki/yeswiki/security/advisories/GHSA-ggqx-43h2-55jp | x_refsource_CONFIRM | |
https://github.com/YesWiki/yeswiki/commit/4e9e51d80cd024ed2ac5c12c820817e6d8c2655a | x_refsource_MISC |
{ "containers": { "cna": { "affected": [ { "product": "yeswiki", "vendor": "YesWiki", "versions": [ { "status": "affected", "version": "\u003c 4.5.4" } ] } ], "descriptions": [ { "lang": "en", "value": "YesWiki is a wiki system written in PHP. Prior to version 4.5.4, the `/?BazaR` endpoint and `idformulaire` parameter are vulnerable to cross-site scripting. An attacker can use a reflected cross-site scripting attack to steal cookies from an authenticated user by having them click on a malicious link. Stolen cookies allow the attacker to take over the user\u2019s session. This vulnerability may also allow attackers to deface the website or embed malicious content. This issue has been patched in version 4.5.4." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-04-29T20:41:01.879Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/YesWiki/yeswiki/security/advisories/GHSA-ggqx-43h2-55jp", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/YesWiki/yeswiki/security/advisories/GHSA-ggqx-43h2-55jp" }, { "name": "https://github.com/YesWiki/yeswiki/commit/4e9e51d80cd024ed2ac5c12c820817e6d8c2655a", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/YesWiki/yeswiki/commit/4e9e51d80cd024ed2ac5c12c820817e6d8c2655a" } ], "source": { "advisory": "GHSA-ggqx-43h2-55jp", "discovery": "UNKNOWN" }, 
"title": "Yeswiki Vulnerable to Unauthenticated Reflected Cross-site Scripting" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2025-46550", "datePublished": "2025-04-29T20:41:01.879Z", "dateReserved": "2025-04-24T21:10:48.173Z", "dateUpdated": "2025-04-29T20:41:01.879Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2025-46350
Vulnerability from cvelistv5
Published
2025-04-29 17:11
Modified
2025-04-29 18:00
Summary
Yeswiki Vulnerable to Authenticated Reflected Cross-site Scripting
References
▼ | URL | Tags |
---|---|---|
https://github.com/YesWiki/yeswiki/security/advisories/GHSA-cg4f-cq8h-3ch8 | x_refsource_CONFIRM | |
https://github.com/YesWiki/yeswiki/commit/e2603176a4607b83659635a0c517550d4a171cb9 | x_refsource_MISC |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-46350", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-04-29T18:00:32.010451Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-04-29T18:00:34.649Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "references": [ { "tags": [ "exploit" ], "url": "https://github.com/YesWiki/yeswiki/security/advisories/GHSA-cg4f-cq8h-3ch8" } ], "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "yeswiki", "vendor": "YesWiki", "versions": [ { "status": "affected", "version": "\u003c 4.5.4" } ] } ], "descriptions": [ { "lang": "en", "value": "YesWiki is a wiki system written in PHP. Prior to version 4.5.4, an attacker can use a reflected cross-site scripting attack to steal cookies from an authenticated user by having them click on a malicious link. Stolen cookies allow the attacker to take over the user\u2019s session. This vulnerability may also allow attackers to deface the website or embed malicious content. This issue has been patched in version 4.5.4." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.5, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-04-29T17:11:18.291Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/YesWiki/yeswiki/security/advisories/GHSA-cg4f-cq8h-3ch8", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/YesWiki/yeswiki/security/advisories/GHSA-cg4f-cq8h-3ch8" }, { "name": "https://github.com/YesWiki/yeswiki/commit/e2603176a4607b83659635a0c517550d4a171cb9", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/YesWiki/yeswiki/commit/e2603176a4607b83659635a0c517550d4a171cb9" } ], "source": { "advisory": "GHSA-cg4f-cq8h-3ch8", "discovery": "UNKNOWN" }, "title": "Yeswiki Vulnerable to Authenticated Reflected Cross-site Scripting" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2025-46350", "datePublished": "2025-04-29T17:11:18.291Z", "dateReserved": "2025-04-22T22:41:54.913Z", "dateUpdated": "2025-04-29T18:00:34.649Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2025-46549
Vulnerability from cvelistv5
Published
2025-04-29 20:40
Modified
2025-04-29 20:40
Summary
Yeswiki Vulnerable to Unauthenticated Reflected Cross-site Scripting
References
▼ | URL | Tags |
---|---|---|
https://github.com/YesWiki/yeswiki/security/advisories/GHSA-r9gv-qffm-xw6f | x_refsource_CONFIRM | |
https://github.com/YesWiki/yeswiki/commit/107d43056adebaa0c731230f9fd010898e88f3f5 | x_refsource_MISC |
{ "containers": { "cna": { "affected": [ { "product": "yeswiki", "vendor": "YesWiki", "versions": [ { "status": "affected", "version": "\u003c 4.5.4" } ] } ], "descriptions": [ { "lang": "en", "value": "YesWiki is a wiki system written in PHP. Prior to version 4.5.4, an attacker can use a reflected cross-site scripting attack to steal cookies from an authenticated user by having them click on a malicious link. Stolen cookies allow the attacker to take over the user\u2019s session. This vulnerability may also allow attackers to deface the website or embed malicious content. This issue has been patched in version 4.5.4." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-04-29T20:40:26.765Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/YesWiki/yeswiki/security/advisories/GHSA-r9gv-qffm-xw6f", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/YesWiki/yeswiki/security/advisories/GHSA-r9gv-qffm-xw6f" }, { "name": "https://github.com/YesWiki/yeswiki/commit/107d43056adebaa0c731230f9fd010898e88f3f5", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/YesWiki/yeswiki/commit/107d43056adebaa0c731230f9fd010898e88f3f5" } ], "source": { "advisory": "GHSA-r9gv-qffm-xw6f", "discovery": "UNKNOWN" }, "title": "Yeswiki Vulnerable to Unauthenticated Reflected Cross-site Scripting" } }, 
"cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2025-46549", "datePublished": "2025-04-29T20:40:26.765Z", "dateReserved": "2025-04-24T21:10:48.172Z", "dateUpdated": "2025-04-29T20:40:26.765Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2025-46347
Vulnerability from cvelistv5
Published
2025-04-29 17:11
Modified
2025-04-29 18:06
Summary
YesWiki Remote Code Execution via Arbitrary PHP File Write and Execution
References
▼ | URL | Tags |
---|---|---|
https://github.com/YesWiki/yeswiki/security/advisories/GHSA-88xg-v53p-fpvf | x_refsource_CONFIRM | |
https://github.com/YesWiki/yeswiki/commit/8fe5275a78dc7e0f9c242baa3cbac6b5ac1cc066 | x_refsource_MISC |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-46347", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-04-29T18:06:13.841471Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-04-29T18:06:22.228Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "references": [ { "tags": [ "exploit" ], "url": "https://github.com/YesWiki/yeswiki/security/advisories/GHSA-88xg-v53p-fpvf" } ], "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "yeswiki", "vendor": "YesWiki", "versions": [ { "status": "affected", "version": "\u003c 4.5.4" } ] } ], "descriptions": [ { "lang": "en", "value": "YesWiki is a wiki system written in PHP. Prior to version 4.5.4, YesWiki is vulnerable to remote code execution. An arbitrary file write can be used to write a file with a PHP extension, which can then be browsed to in order to execute arbitrary code on the server, resulting in a full compromise of the server. This could potentially be performed unwittingly by a user. This issue has been patched in version 4.5.4." 
} ], "metrics": [ { "cvssV4_0": { "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 5.8, "baseSeverity": "MEDIUM", "privilegesRequired": "NONE", "subAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "HIGH", "userInteraction": "PASSIVE", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:P", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-116", "description": "CWE-116: Improper Encoding or Escaping of Output", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-04-29T17:11:05.404Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/YesWiki/yeswiki/security/advisories/GHSA-88xg-v53p-fpvf", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/YesWiki/yeswiki/security/advisories/GHSA-88xg-v53p-fpvf" }, { "name": "https://github.com/YesWiki/yeswiki/commit/8fe5275a78dc7e0f9c242baa3cbac6b5ac1cc066", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/YesWiki/yeswiki/commit/8fe5275a78dc7e0f9c242baa3cbac6b5ac1cc066" } ], "source": { "advisory": "GHSA-88xg-v53p-fpvf", "discovery": "UNKNOWN" }, "title": "YesWiki Remote Code Execution via Arbitrary PHP File Write and Execution" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2025-46347", "datePublished": "2025-04-29T17:11:05.404Z", "dateReserved": "2025-04-22T22:41:54.913Z", "dateUpdated": "2025-04-29T18:06:22.228Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2025-46346
Vulnerability from cvelistv5
Published
2025-04-29 15:36
Modified
2025-04-29 17:47
Summary
YesWiki Vulnerable to Stored XSS in Comments
References
▼ | URL | Tags |
---|---|---|
https://github.com/YesWiki/yeswiki/security/advisories/GHSA-59x8-cvxh-3mm4 | x_refsource_CONFIRM | |
https://github.com/YesWiki/yeswiki/commit/0d4efc880a727599fa4f6d7a64cc967afe475530 | x_refsource_MISC |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-46346", "options": [ { "Exploitation": "poc" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-04-29T17:47:34.389811Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-04-29T17:47:55.685Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "references": [ { "tags": [ "exploit" ], "url": "https://github.com/YesWiki/yeswiki/security/advisories/GHSA-59x8-cvxh-3mm4" } ], "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "yeswiki", "vendor": "YesWiki", "versions": [ { "status": "affected", "version": "\u003c 4.5.4" } ] } ], "descriptions": [ { "lang": "en", "value": "YesWiki is a wiki system written in PHP. Prior to version 4.5.4, a stored cross-site scripting (XSS) vulnerability was discovered in the application\u2019s comments feature. This issue allows a malicious actor to inject JavaScript payloads that are stored and later executed in the browser of any user viewing the affected comment. The XSS occurs because the application fails to properly sanitize or encode user input submitted to the comments. Notably, the application sanitizes or does not allow execution of `\u003cscript\u003e` tags, but does not account for payloads obfuscated using JavaScript block comments like `/* JavaScriptPayload */`. This issue has been patched in version 4.5.4." 
} ], "metrics": [ { "cvssV4_0": { "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 6.3, "baseSeverity": "MEDIUM", "privilegesRequired": "NONE", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "HIGH", "userInteraction": "PASSIVE", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-04-29T15:36:14.321Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/YesWiki/yeswiki/security/advisories/GHSA-59x8-cvxh-3mm4", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/YesWiki/yeswiki/security/advisories/GHSA-59x8-cvxh-3mm4" }, { "name": "https://github.com/YesWiki/yeswiki/commit/0d4efc880a727599fa4f6d7a64cc967afe475530", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/YesWiki/yeswiki/commit/0d4efc880a727599fa4f6d7a64cc967afe475530" } ], "source": { "advisory": "GHSA-59x8-cvxh-3mm4", "discovery": "UNKNOWN" }, "title": "YesWiki Vulnerable to Stored XSS in Comments" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2025-46346", "datePublished": "2025-04-29T15:36:14.321Z", "dateReserved": "2025-04-22T22:41:54.913Z", "dateUpdated": "2025-04-29T17:47:55.685Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2025-24017
Vulnerability from cvelistv5
Published
2025-01-21 15:37
Modified
2025-02-12 20:41
Summary
YesWiki Vulnerable to Unauthenticated DOM Based XSS
References
▼ | URL | Tags |
---|---|---|
https://github.com/YesWiki/yeswiki/security/advisories/GHSA-wphc-5f2j-jhvg | x_refsource_CONFIRM | |
https://github.com/YesWiki/yeswiki/commit/c1e28b59394957902c31c850219e4504a20db98b | x_refsource_MISC |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-24017", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-01-21T16:36:11.680711Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-02-12T20:41:21.167Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "yeswiki", "vendor": "YesWiki", "versions": [ { "status": "affected", "version": "\u003c 4.5.0" } ] } ], "descriptions": [ { "lang": "en", "value": "YesWiki is a wiki system written in PHP. Versions up to and including 4.4.5 are vulnerable to any end-user crafting a DOM based XSS on all of YesWiki\u0027s pages which is triggered when a user clicks on a malicious link. The vulnerability makes use of the search by tag feature. When a tag doesn\u0027t exist, the tag is reflected on the page and isn\u0027t properly sanitized on the server side which allows a malicious user to generate a link that will trigger an XSS on the client\u0027s side when clicked. This vulnerability allows any user to generate a malicious link that will trigger an account takeover when clicked, therefore allowing a user to steal other accounts, modify pages, comments, permissions, extract user data (emails), thus impacting the integrity, availability and confidentiality of a YesWiki instance. Version 4.5.0 contains a patch for the issue." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.6, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-01-21T17:36:37.698Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/YesWiki/yeswiki/security/advisories/GHSA-wphc-5f2j-jhvg", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/YesWiki/yeswiki/security/advisories/GHSA-wphc-5f2j-jhvg" }, { "name": "https://github.com/YesWiki/yeswiki/commit/c1e28b59394957902c31c850219e4504a20db98b", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/YesWiki/yeswiki/commit/c1e28b59394957902c31c850219e4504a20db98b" } ], "source": { "advisory": "GHSA-wphc-5f2j-jhvg", "discovery": "UNKNOWN" }, "title": "YesWiki Vulnerable to Unauthenticated DOM Based XSS" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2025-24017", "datePublished": "2025-01-21T15:37:58.654Z", "dateReserved": "2025-01-16T17:31:06.458Z", "dateUpdated": "2025-02-12T20:41:21.167Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }