Skip to main content

CVE-2022-41814: CWE-79 Cross-site Scripting (XSS) in Hallo Welt! GmbH BlueSpice

Low
VulnerabilityCVE-2022-41814cvecve-2022-41814cwe-79
Published: Tue Nov 15 2022 (11/15/2022, 14:24:50 UTC)
Source: CVE
Vendor/Project: Hallo Welt! GmbH
Product: BlueSpice

Description

Cross-site Scripting (XSS) vulnerability in BlueSpiceFoundation extension of BlueSpice allows user with regular account and edit permissions to inject arbitrary HTML into the history view of a wikipage.

AI-Powered Analysis

AILast updated: 06/25/2025, 02:35:20 UTC

Technical Analysis

CVE-2022-41814 is a Cross-site Scripting (XSS) vulnerability identified in the BlueSpiceFoundation extension of BlueSpice, a wiki software product developed by Hallo Welt! GmbH. The vulnerability affects version 4 of BlueSpice. Specifically, this flaw allows a user who has a regular account with edit permissions to inject arbitrary HTML content into the history view of a wiki page. This injection occurs because the application does not properly sanitize or encode user-supplied input before rendering it in the history view, which is accessible to other users. The vulnerability is classified under CWE-79, indicating improper neutralization of input during web page generation. The CVSS 3.1 base score is 3.3, reflecting a low severity level. The vector indicates that the attack requires local access (AV:L), low attack complexity (AC:L), privileges (PR:L), no user interaction (UI:N), and impacts confidentiality only (C:L), with no impact on integrity or availability. No known exploits have been reported in the wild, and no official patches or mitigation links are provided in the source information. The vulnerability was published on November 15, 2022, and was reserved on October 7, 2022. The flaw could allow an attacker with edit permissions to execute HTML-based attacks such as session hijacking or phishing within the context of the wiki application, potentially exposing sensitive information to unauthorized parties viewing the history page.

Potential Impact

For European organizations using BlueSpice version 4, this vulnerability poses a moderate confidentiality risk. Since the flaw allows injection of arbitrary HTML into the history view, an attacker with edit permissions could craft malicious payloads that execute in the browsers of users viewing the page history. This could lead to theft of session cookies, unauthorized actions performed on behalf of users, or exposure of sensitive internal wiki information. However, the requirement for the attacker to have edit permissions limits the scope to insider threats or compromised accounts. The lack of impact on integrity and availability reduces the risk of data tampering or service disruption. Organizations relying on BlueSpice for internal documentation, knowledge management, or collaboration could face reputational damage and potential data leakage if this vulnerability is exploited. Given that BlueSpice is used by various enterprises and public sector entities in Europe, especially in Germany where the vendor is based, the risk is more pronounced in organizations with less stringent user access controls or monitoring. The absence of known exploits in the wild suggests limited active threat but does not preclude targeted attacks.

Mitigation Recommendations

Restrict edit permissions strictly to trusted users and regularly audit user roles to minimize the number of accounts capable of injecting content. Implement additional input validation and output encoding on the history view rendering to neutralize any injected HTML or scripts, even if the vendor has not yet released a patch. Monitor wiki page history views for unusual or suspicious HTML content that could indicate attempted exploitation. Educate users with edit permissions about the risks of injecting untrusted content and enforce policies against misuse. Consider deploying web application firewalls (WAFs) with custom rules to detect and block suspicious HTML payloads in requests related to wiki edits or history views. If feasible, upgrade to a newer version of BlueSpice once a patch addressing this vulnerability is released, or apply vendor-provided security updates promptly. Implement Content Security Policy (CSP) headers to restrict the execution of inline scripts or untrusted content within the wiki application context.

Need more detailed analysis?Get Pro

Technical Details

Data Version
5.1
Assigner Short Name
HW
Date Reserved
2022-10-07T00:00:00.000Z
Cisa Enriched
true
Cvss Version
3.1
State
PUBLISHED

Threat ID: 682d983cc4522896dcbee8d6

Added to database: 5/21/2025, 9:09:16 AM

Last enriched: 6/25/2025, 2:35:20 AM

Last updated: 8/16/2025, 10:05:25 PM

Views: 18

Actions

PRO

Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.

Please log in to the Console to use AI analysis features.

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Latest Threats