CWE-668
DiscouragedExposure of Resource to Wrong Sphere
Abstraction: Class · Status: Draft
The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.
1248 vulnerabilities reference this CWE, most recent first.
GHSA-4F8G-FQ6X-JQRR
Vulnerability from github – Published: 2023-04-12 20:34 – Updated: 2023-04-16 07:16Impact
Rights added to a document are not taken into account for viewing it once it's deleted. Note that this vulnerability only impact deleted documents that where containing view rights: the view rights provided on a space of a deleted document are properly checked.
Patches
The problem has been patched in XWiki 14.10 by checking the rights of current user: only admin and deleter of the document are allowed to view it.
Workarounds
There is no workaround for this vulnerability other than upgrading.
References
- Jira ticket: https://jira.xwiki.org/browse/XWIKI-16285
- Commit: https://github.com/xwiki/xwiki-platform/commit/d9e947559077e947315bf700c5703dfc7dd8a8d7
For more information
If you have any questions or comments about this advisory: * Open an issue in Jira * Email us at security ML
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.xwiki.platform:xwiki-platform-oldcore"
},
"ranges": [
{
"events": [
{
"introduced": "1.2-milestone-1"
},
{
"fixed": "13.10.11"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.xwiki.platform:xwiki-platform-oldcore"
},
"ranges": [
{
"events": [
{
"introduced": "14.0-rc-1"
},
{
"fixed": "14.4.7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.xwiki.platform:xwiki-platform-oldcore"
},
"ranges": [
{
"events": [
{
"introduced": "14.5"
},
{
"fixed": "14.10"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2023-29208"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": true,
"github_reviewed_at": "2023-04-12T20:34:55Z",
"nvd_published_at": "2023-04-15T16:15:00Z",
"severity": "HIGH"
},
"details": "### Impact\n\nRights added to a document are not taken into account for viewing it once it\u0027s deleted. Note that this vulnerability only impact deleted documents that where containing view rights: the view rights provided on a space of a deleted document are properly checked.\n\n### Patches\n\nThe problem has been patched in XWiki 14.10 by checking the rights of current user: only admin and deleter of the document are allowed to view it.\n\n### Workarounds\n\nThere is no workaround for this vulnerability other than upgrading.\n\n### References\n\n * Jira ticket: https://jira.xwiki.org/browse/XWIKI-16285\n * Commit: https://github.com/xwiki/xwiki-platform/commit/d9e947559077e947315bf700c5703dfc7dd8a8d7\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Open an issue in [Jira](https://jira.xwiki.org)\n* Email us at [security ML](mailto:security@xwiki.org)\n",
"id": "GHSA-4f8g-fq6x-jqrr",
"modified": "2023-04-16T07:16:53Z",
"published": "2023-04-12T20:34:55Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-4f8g-fq6x-jqrr"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29208"
},
{
"type": "WEB",
"url": "https://github.com/xwiki/xwiki-platform/commit/d9e947559077e947315bf700c5703dfc7dd8a8d7"
},
{
"type": "PACKAGE",
"url": "https://github.com/xwiki/xwiki-platform"
},
{
"type": "WEB",
"url": "https://jira.xwiki.org/browse/XWIKI-16285"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "org.xwiki.platform:xwiki-platform-oldcore vulnerable to data leak through deleted documents "
}
GHSA-4F93-XJPV-HRXP
Vulnerability from github – Published: 2022-03-10 00:00 – Updated: 2022-03-17 00:02Skype Extension for Chrome Information Disclosure Vulnerability.
{
"affected": [],
"aliases": [
"CVE-2022-24522"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-03-09T17:15:00Z",
"severity": "HIGH"
},
"details": "Skype Extension for Chrome Information Disclosure Vulnerability.",
"id": "GHSA-4f93-xjpv-hrxp",
"modified": "2022-03-17T00:02:12Z",
"published": "2022-03-10T00:00:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24522"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24522"
},
{
"type": "WEB",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24522"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-4FHM-P86V-HWPX
Vulnerability from github – Published: 2026-03-17 12:30 – Updated: 2026-06-05 14:26Apache Airflow versions 3.1.0 through 3.1.7 session token (_token) in cookies is set to path=/ regardless of the configured [webserver] base_url or [api] base_url. This allows any application co-hosted under the same domain to capture valid Airflow session tokens from HTTP request headers, allowing full session takeover without attacking Airflow itself.
Users are recommended to upgrade to Apache Airflow 3.1.8 or later, which resolves this issue.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "apache-airflow"
},
"ranges": [
{
"events": [
{
"introduced": "3.0.0"
},
{
"fixed": "3.1.8"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-28779"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": true,
"github_reviewed_at": "2026-03-18T16:32:54Z",
"nvd_published_at": "2026-03-17T11:16:11Z",
"severity": "HIGH"
},
"details": "Apache Airflow versions 3.1.0 through 3.1.7\u00a0session token (_token) in cookies is set to path=/ regardless of the configured [webserver] base_url or [api] base_url.\nThis allows any application co-hosted under the same domain to capture valid Airflow session tokens from HTTP request headers, allowing full session takeover without attacking Airflow itself.\n\nUsers are recommended to upgrade to Apache Airflow 3.1.8 or later, which resolves this issue.",
"id": "GHSA-4fhm-p86v-hwpx",
"modified": "2026-06-05T14:26:13Z",
"published": "2026-03-17T12:30:20Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28779"
},
{
"type": "WEB",
"url": "https://github.com/apache/airflow/pull/62771"
},
{
"type": "PACKAGE",
"url": "https://github.com/apache/airflow"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/apache-airflow/PYSEC-2026-16.yaml"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread/r4n5znb8mcq14wo9v8ndml36nxlksdqb"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2026/03/17/3"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Apache Airflow: Path of session token in cookie does not consider base_url - session hijacking via co-hosted applications"
}
GHSA-4G2V-6X25-VR7P
Vulnerability from github – Published: 2022-04-10 00:00 – Updated: 2022-04-16 00:01Reprise License Manager 14.2 is affected by an Information Disclosure vulnerability via a GET request to /goforms/rlminfo. No authentication is required. The information disclosed is associated with software versions, process IDs, network configuration, hostname(s), system architecture, and file/directory details.
{
"affected": [],
"aliases": [
"CVE-2022-28365"
],
"database_specific": {
"cwe_ids": [
"CWE-425",
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-04-09T17:15:00Z",
"severity": "MODERATE"
},
"details": "Reprise License Manager 14.2 is affected by an Information Disclosure vulnerability via a GET request to /goforms/rlminfo. No authentication is required. The information disclosed is associated with software versions, process IDs, network configuration, hostname(s), system architecture, and file/directory details.",
"id": "GHSA-4g2v-6x25-vr7p",
"modified": "2022-04-16T00:01:22Z",
"published": "2022-04-10T00:00:57Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-28365"
},
{
"type": "WEB",
"url": "https://seclists.org/fulldisclosure/2022/Apr/1"
},
{
"type": "WEB",
"url": "https://www.reprisesoftware.com/RELEASE_NOTES"
},
{
"type": "WEB",
"url": "https://www.reprisesoftware.com/products/software-license-management.php"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/166647/Reprise-License-Manager-14.2-Cross-Site-Scripting-Information-Disclosure.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-4G94-RRHW-H5FW
Vulnerability from github – Published: 2023-10-12 18:30 – Updated: 2025-11-04 21:30An information disclosure vulnerability exists in the CtEnumCa() functionality of SoftEther VPN 4.41-9782-beta and 5.01.9674. Specially crafted network packets can lead to a disclosure of sensitive information. An attacker can send packets to trigger this vulnerability.
{
"affected": [],
"aliases": [
"CVE-2023-32275"
],
"database_specific": {
"cwe_ids": [
"CWE-201",
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-10-12T16:15:11Z",
"severity": "MODERATE"
},
"details": "An information disclosure vulnerability exists in the CtEnumCa() functionality of SoftEther VPN 4.41-9782-beta and 5.01.9674. Specially crafted network packets can lead to a disclosure of sensitive information. An attacker can send packets to trigger this vulnerability.",
"id": "GHSA-4g94-rrhw-h5fw",
"modified": "2025-11-04T21:30:44Z",
"published": "2023-10-12T18:30:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-32275"
},
{
"type": "WEB",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1753"
},
{
"type": "WEB",
"url": "https://www.softether.org/9-about/News/904-SEVPN202301"
},
{
"type": "WEB",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1753"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-4GV4-7PHC-2JW7
Vulnerability from github – Published: 2022-12-08 21:30 – Updated: 2022-12-12 15:30Exposure of Sensitive System Information to an Unauthorized Control Sphere in GitHub repository lirantal/daloradius prior to master branch.
{
"affected": [],
"aliases": [
"CVE-2022-4366"
],
"database_specific": {
"cwe_ids": [
"CWE-497",
"CWE-668",
"CWE-862"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-12-08T19:15:00Z",
"severity": "HIGH"
},
"details": "Exposure of Sensitive System Information to an Unauthorized Control Sphere in GitHub repository lirantal/daloradius prior to master branch.",
"id": "GHSA-4gv4-7phc-2jw7",
"modified": "2022-12-12T15:30:30Z",
"published": "2022-12-08T21:30:20Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4366"
},
{
"type": "WEB",
"url": "https://github.com/lirantal/daloradius/commit/3d11f375a76ddb3741200296e15f81d82dfb80ce"
},
{
"type": "WEB",
"url": "https://huntr.dev/bounties/f225d69a-d971-410d-a8f9-b0026143aed8"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-4H69-9CG9-WQMW
Vulnerability from github – Published: 2022-07-13 00:01 – Updated: 2022-07-17 00:00Exposure of Sensitive Information in putDsaSimImsi in TelephonyUI prior to SMR Jul-2022 Release 1 allows local attacker to access imsi via log.
{
"affected": [],
"aliases": [
"CVE-2022-33700"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-07-12T14:15:00Z",
"severity": "LOW"
},
"details": "Exposure of Sensitive Information in putDsaSimImsi in TelephonyUI prior to SMR Jul-2022 Release 1 allows local attacker to access imsi via log.",
"id": "GHSA-4h69-9cg9-wqmw",
"modified": "2022-07-17T00:00:45Z",
"published": "2022-07-13T00:01:54Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-33700"
},
{
"type": "WEB",
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2022\u0026month=7"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-4HF4-G256-GXVM
Vulnerability from github – Published: 2022-12-15 21:30 – Updated: 2025-04-21 18:32This issue was addressed with improved data protection. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, tvOS 16.2, watchOS 9.2. A user may be able to view sensitive user information.
{
"affected": [],
"aliases": [
"CVE-2022-42843"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-12-15T19:15:00Z",
"severity": "MODERATE"
},
"details": "This issue was addressed with improved data protection. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, tvOS 16.2, watchOS 9.2. A user may be able to view sensitive user information.",
"id": "GHSA-4hf4-g256-gxvm",
"modified": "2025-04-21T18:32:07Z",
"published": "2022-12-15T21:30:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42843"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT213530"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT213532"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT213535"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT213536"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2022/Dec/20"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2022/Dec/23"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2022/Dec/26"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2022/Dec/27"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-4HQJ-2GG9-GQGP
Vulnerability from github – Published: 2021-12-09 00:00 – Updated: 2022-08-02 00:00An improper usage of implicit intent in SemRewardManager prior to SMR Dec-2021 Release 1 allows attackers to access BSSID.
{
"affected": [],
"aliases": [
"CVE-2021-25515"
],
"database_specific": {
"cwe_ids": [
"CWE-269",
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-12-08T15:15:00Z",
"severity": "LOW"
},
"details": "An improper usage of implicit intent in SemRewardManager prior to SMR Dec-2021 Release 1 allows attackers to access BSSID.",
"id": "GHSA-4hqj-2gg9-gqgp",
"modified": "2022-08-02T00:00:33Z",
"published": "2021-12-09T00:00:55Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25515"
},
{
"type": "WEB",
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2021\u0026month=12"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-4HR4-W7M2-R3VR
Vulnerability from github – Published: 2023-07-11 15:31 – Updated: 2024-04-04 05:56An issue found in Marukyu Line v.13.4.1 allows a remote attacker to gain access to sensitive information via the channel access token in the miniapp function.
{
"affected": [],
"aliases": [
"CVE-2023-31818"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-07-11T15:15:20Z",
"severity": "HIGH"
},
"details": "An issue found in Marukyu Line v.13.4.1 allows a remote attacker to gain access to sensitive information via the channel access token in the miniapp function.",
"id": "GHSA-4hr4-w7m2-r3vr",
"modified": "2024-04-04T05:56:42Z",
"published": "2023-07-11T15:31:18Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-31818"
},
{
"type": "WEB",
"url": "https://github.com/syz913/CVE-reports/blob/main/CVE-2023-31818.md"
},
{
"type": "WEB",
"url": "http://marukyu.com"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.