Advisories for Composer/Yeswiki/Yeswiki package

2025

Unauthenticated DOM Based XSS in YesWiki

It is possible for any end-user to craft a DOM based XSS on all of YesWiki's pages which will be triggered when a user clicks on a malicious link. This Proof of Concept has been performed using the followings: YesWiki v4.4.5 (doryphore-dev branch, latest) Docker environnment (docker/docker-compose.yml) Docker v27.5.0 Default installation

Authenticated Stored XSS in YesWiki

It is possible for an authenticated user with rights to edit/create a page or comment to trigger a stored XSS which will be reflected on any page where the resource is loaded. This Proof of Concept has been performed using the followings: YesWiki v4.4.5 (doryphore-dev branch, latest) Docker environnment (docker/docker-compose.yml) Docker v27.5.0 Default installation

Authenticated arbitrary file deletion in YesWiki

It is possible for any authenticated user, through the use of the filemanager to delete any file owned by the user running the FastCGI Process Manager (FPM) on the host without any limitation on the filesystem's scope. This Proof of Concept has been performed using the followings: YesWiki v4.4.5 (doryphore-dev branch, latest) Docker environnment (docker/docker-compose.yml) Docker v27.5.0 Default installation

2024
2022