CVE-2026-33229 Overview
CVE-2026-33229 is a critical Sandbox Bypass vulnerability in XWiki Platform, a generic wiki platform offering runtime services for applications built on top of it. Prior to versions 17.4.8 and 17.10.1, an improperly protected scripting API allows any user with script right to bypass the sandboxing of the Velocity scripting API and execute arbitrary Python scripts. This vulnerability enables full access to the XWiki instance, compromising the confidentiality, integrity, and availability of the entire deployment.
Critical Impact
Attackers with script rights can escape Velocity sandbox restrictions to execute arbitrary Python code, gaining complete control over the XWiki instance including all wiki content, user data, and server-side execution capabilities.
Affected Products
- XWiki Platform versions prior to 17.4.8
- XWiki Platform versions prior to 17.10.1
Discovery Timeline
- April 8, 2026 - CVE-2026-33229 published to NVD
- April 8, 2026 - Last updated in NVD database
Technical Details for CVE-2026-33229
Vulnerability Analysis
This vulnerability falls under CWE-862 (Missing Authorization), where the XWiki Platform fails to properly enforce access controls on its scripting API. The core issue resides in the ScriptXWikiServletRequest class, which exposes the underlying getRequest() method without adequate authorization checks. This design flaw allows users with script privileges to access low-level servlet request objects that should be restricted to trusted contexts only.
When exploited, an attacker can leverage this unprotected API to break out of the Velocity scripting sandbox. The Velocity template engine is designed to provide a controlled execution environment, but the exposed servlet request object provides a pathway to invoke more powerful scripting engines, including Python. This escalation from Velocity to Python execution represents a complete security boundary violation.
The impact extends to full instance compromise: attackers can read and modify any wiki content, access sensitive configuration data, execute system commands, and potentially pivot to attack other systems accessible from the XWiki server.
Root Cause
The root cause is an insufficiently protected API endpoint in the ScriptXWikiServletRequest class located at xwiki-platform-core/xwiki-platform-oldcore/src/main/java/com/xpn/xwiki/render/ScriptXWikiServletRequest.java. The getRequest() method was accessible to script-privileged users without proper authorization validation, allowing direct access to the underlying ServletRequest object. This object provides capabilities that extend beyond what the Velocity sandbox permits, creating an escape vector.
Attack Vector
The attack is network-accessible and requires the attacker to have authenticated access with script rights on the XWiki instance. While script right is considered a privileged permission, it is commonly granted to wiki editors and content creators in many deployments. The attacker exploits the unprotected getRequest() method to obtain a reference to the raw servlet request object, then uses this access to invoke Python or other scripting engines that operate outside the Velocity sandbox constraints.
The security patch addresses this by restricting the getRequest() method to only return controlled objects, as shown in the commit:
import java.util.Set;
import javax.servlet.ServletContext;
+import javax.servlet.ServletRequest;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
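Review bot: the quoted hunk consists solely of the added `import javax.servlet.ServletRequest;`; none of the visible lines touch getRequest() itself, so the surrounding text's statement that this excerpt shows access controls being applied is not backed by what is quoted. Quote the hunk that changes the getRequest() return path (or its return type) alongside the import change so a reader can verify the restriction from the excerpt.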
Source: GitHub Commit Update
Beyond the import change shown in the excerpt, the patch adds the access controls that make getRequest() return only properly sandboxed objects to script contexts instead of the underlying ServletRequest.
Detection Methods for CVE-2026-33229
Indicators of Compromise
- Unexpected Python script execution in XWiki server logs
- Wiki pages containing Velocity templates that reference getRequest() or servlet objects
- Unusual system command executions originating from the XWiki application process
- Modifications to sensitive wiki content or user permissions by script-privileged accounts
Detection Strategies
- Monitor XWiki application logs for scripting errors or unusual execution patterns involving Python or servlet APIs
- Review wiki page content and templates for suspicious Velocity code attempting to access ScriptXWikiServletRequest.getRequest()
- Implement file integrity monitoring on XWiki configuration and system directories
- Audit user permissions to identify accounts with script rights that may have been compromised
Monitoring Recommendations
- Enable verbose logging for the XWiki scripting subsystem to capture API access patterns
- Configure alerting for any Python execution attempts within the XWiki application context
- Monitor network traffic from the XWiki server for unexpected outbound connections
- Implement regular audits of wiki content for malicious scripts or unusual template modifications
How to Mitigate CVE-2026-33229
Immediate Actions Required
- Upgrade XWiki Platform to version 17.4.8 or 17.10.1 immediately
- Review and restrict script rights to only trusted administrators
- Audit existing wiki pages for potentially malicious Velocity templates
- Monitor for indicators of compromise on XWiki instances that may have been exposed
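The detection item above that asks for a review of wiki content referencing getRequest(), and the immediate action to audit existing pages for suspicious Velocity templates, are the same review task. The following Python scanner is an added example written for this page; it is not XWiki project code and not part of the advisory. It takes page content as plain strings (for instance from an XAR export), flags any call to getRequest() or reference to the ScriptXWikiServletRequest class, rates the finding "high" only when it sits inside a script macro (a plain-text mention in documentation is rated "review"), and separately notes Python macros because the advisory lists unexpected Python execution as an indicator. The `$request` Velocity binding name, the rule names and the sample pages are this example's own assumptions.

```python
"""Scan exported XWiki page content for script code that reaches the raw servlet request.

Added example for the CVE-2026-33229 write-up; rule names, the `$request`
binding and the sample pages below are constructed, not taken from XWiki.
"""
import re
from dataclasses import dataclass

# Rules built from the indicators listed in the advisory.
RULES = [
    # A call to the unprotected accessor on the scripting request wrapper.
    ("servlet-request-unwrap", re.compile(r"\bgetRequest\s*\(\s*\)")),
    # An explicit reference to the wrapper class itself.
    ("scriptxwikiservletrequest-ref", re.compile(r"ScriptXWikiServletRequest")),
]

# A Python macro is not a vulnerability by itself; it is listed for review only.
PYTHON_MACRO = re.compile(r"\{\{\s*python\b", re.IGNORECASE)

# Script macro blocks: {{velocity}} ... {{/velocity}}, and likewise groovy/python.
SCRIPT_MACRO = re.compile(
    r"\{\{\s*(velocity|groovy|python)\b.*?\{\{/\1\s*\}\}", re.IGNORECASE | re.DOTALL
)


@dataclass(frozen=True)
class Finding:
    page: str
    line: int
    rule: str
    severity: str  # "high" inside executable script macros, else "review"
    snippet: str


def _inside_script(pos: int, spans: list[tuple[int, int]]) -> bool:
    """True when character offset `pos` lies inside a script macro block."""
    return any(start <= pos < end for start, end in spans)


def scan_page(page: str, content: str) -> list[Finding]:
    """Return all findings for one page, with 1-based line numbers."""
    spans = [(m.start(), m.end()) for m in SCRIPT_MACRO.finditer(content)]
    findings: list[Finding] = []
    offset = 0  # character offset of the current line start
    for lineno, text in enumerate(content.splitlines(keepends=True), start=1):
        for rule, pattern in RULES:
            for match in pattern.finditer(text):
                severity = "high" if _inside_script(offset + match.start(), spans) else "review"
                findings.append(Finding(page, lineno, rule, severity, text.strip()))
        if PYTHON_MACRO.search(text):
            findings.append(Finding(page, lineno, "python-macro", "review", text.strip()))
        offset += len(text)
    return findings


def scan_pages(pages: dict[str, str]) -> list[Finding]:
    """Scan a mapping of page name -> page content."""
    findings: list[Finding] = []
    for page, content in pages.items():
        findings.extend(scan_page(page, content))
    return findings


def pages_with_high_findings(pages: dict[str, str]) -> list[str]:
    """Pages whose script macros reach the raw servlet request; review these first."""
    return sorted({f.page for f in scan_pages(pages) if f.severity == "high"})


# Constructed sample pages (not real wiki content).
SAMPLE_PAGES = {
    # Benign: reads a request parameter through the sandboxed wrapper.
    "Main.WebHome": "{{velocity}}\n#set($name = $request.getParameter('user'))\nHello $name\n{{/velocity}}\n",
    # Suspicious: unwraps the raw servlet request from inside a script macro.
    "Reports.Suspicious": "{{velocity}}\n#set($raw = $request.getRequest())\n{{/velocity}}\n",
    # Documentation that merely mentions the method outside any macro.
    "Docs.UpgradeNotes": "Upgrade note: scripts must not call getRequest() on the request object.\n",
    # Python macro: flagged for review, not as a finding in itself.
    "Tools.Report": "{{python}}\nprint('report')\n{{/python}}\n",
}

if __name__ == "__main__":
    for f in scan_pages(SAMPLE_PAGES):
        print(f"{f.severity:6} {f.page}:{f.line} [{f.rule}] {f.snippet}")
    print("review first:", pages_with_high_findings(SAMPLE_PAGES))
```

The scanner deliberately matches on the method name rather than on `$request` alone, so a page that reaches the accessor through another binding or a renamed variable is still caught, at the cost of flagging prose that mentions getRequest(); the severity split keeps those documentation hits out of the "high" list.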
Patch Information
XWiki has released security patches in versions 17.4.8 and 17.10.1 that properly restrict access to the servlet request object. The fix is tracked in the GitHub Security Advisory and related XWiki issue trackers XWIKI-23698 and XWIKI-23702. Organizations should prioritize upgrading to these patched versions.
Workarounds
- Remove script rights from all untrusted users until patching is complete
- Implement web application firewall rules to detect and block suspicious Velocity template submissions
- Restrict network access to XWiki instances to trusted internal networks only
- Consider temporarily disabling custom scripting functionality if not business-critical
# Review users with script rights in XWiki
# Access Administration > Users & Groups > Rights
# Revoke 'Script' permission from non-administrative users
# Restrict XWiki to internal access only (example nginx configuration)
# Note: also block direct access to the backend port (8080 here) with a host
# firewall, otherwise clients can reach XWiki without passing through nginx.
location /xwiki {
allow 10.0.0.0/8;
allow 192.168.0.0/16;
deny all;
proxy_pass http://localhost:8080/xwiki;
}
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.