Solr search disclosed email addresses of users

SUBMISSION REFERENCES

• Submission code: XWIKI-0KMN1DIA
• Submission URL: https://www.intigriti.com/auth/dashboard?redirect=/submissions/e95a7ad5-7029-4627-abf0-3e3e3ea0b4ce/XWIKI-0KMN1DIA

RESEARCHER INFORMATION

• Submitter: ynoof

SUBMISSION INFORMATION

• Created at: Mon, 14 Nov 2022 14:51:34 GMT
• Submission status: Archived

REPORT CONTENT

• Severity: Medium (5.3)
• Domain: https://intigriti.xwiki.com/ (Url)
• Proof of concept: Hello,

As mentioned in the wiki program the User profile data are not confidential except `email addresses` and passwords, I can view any email address for any user on the wiki.

1. 1. 1. Steps to reproduce
         1. Go to the following endpoint:

https://intigriti.xwiki.com/xwiki/bin/view/Main/SolrSearch

2. Put the username in the search box, and you will see all emails that the user has.

1. 1. 1. POC {542852}

Thanks,
Ynoof

• Impact: Security issue leads the attacker to view any user's email.
• Personal data involved: No
• Endpoint: https://intigriti.xwiki.com/xwiki/bin/view/Main/SolrSearch
• Type: Security Misconfiguration (Generic)
• Attachments: poc2.png, poc3.png, poc1.png