Wiki.js is an open source wiki app built on Node.js. A disabled user can still gain access to a wiki by abusing the password reset function. While setting up SMTP e-mails on my server, I tested said e-mails by performing a password reset with my test user. To my shock, not only did it let me reset my password, but after resetting my password I could get into the wiki I was locked out of. The ramification of this bug is that a user can **bypass an account disabling by requesting their password be reset**. All users of wiki.js version `2.5.303` who use any account restrictions and have disabled users are affected. This issue has been addressed in version 2.5.304 and all users are advised to upgrade. There are no known workarounds for this vulnerability.
History

Wed, 18 Sep 2024 19:30:00 +0000

Type                 Values Removed   Values Added
First Time appeared  -                Requarks; Requarks wiki.js
CPEs                 -                cpe:2.3:a:requarks:wiki.js:2.5.303:*:*:*:*:*:*:*
Vendors & Products   -                Requarks; Requarks wiki.js
Metrics              -                ssvc (version 2.0.3): Automatable = no, Exploitation = poc, Technical Impact = partial


Wed, 18 Sep 2024 17:15:00 +0000

Type         Values Removed   Values Added
Description  -                (identical to the description at the top of this page)
Title        -                Disabled user can bypass lockout by requesting password reset in wiki.js
Weaknesses   -                CWE-670
References   -
Metrics      -                cvssV3_1: 4.3 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N)


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2024-09-18T17:05:58.894Z

Updated: 2024-09-18T18:19:03.285Z

Reserved: 2024-08-26T18:25:35.443Z

Link: CVE-2024-45298

Vulnrichment

Updated: 2024-09-18T18:18:57.992Z

NVD

Status: Awaiting Analysis

Published: 2024-09-18T17:15:18.570

Modified: 2024-09-20T12:30:17.483

Link: CVE-2024-45298

Redhat

No data.