Lucene search
China National Vulnerability DatabaseCNVD-2022-86322HistoryNov 24, 2022 - 12:00 a.m.
XWiki Platform licensing issue vulnerability
2022-11-2400:00:00
China National Vulnerability Database
www.cnvd.org.cn
6
xwiki
authorization
vulnerability
privilege management
xar package
0.001 Low
EPSS
Percentile
41.4%
XWiki Platform is a set of wiki platforms for creating web collaboration applications from the French company XWiki. XWiki Platform versions prior to 13.10.8, 14.0 and later, and prior to 14.4.3 are vulnerable to authorization issues, which stem from incorrect privilege management and can be exploited by attackers to modify the wiki by importing a crafted XAR package to Any page.
| CPE | Name | Operator | Version |
|---|---|---|---|
| xwiki xwiki platform | lt | 13.10.8 | |
| xwiki xwiki platform >=14.0, | lt | 14.4.3 |
Related
prion
prion
Code injection
2022-11-22 01:15:00
osv
osv
CVE-2022-41937
2022-11-22 01:15:36
openvas
openvas
cve
cve
CVE-2022-41937
2022-11-22 01:15:36
cvelist
cvelist
CVE-2022-41937 Missing Authorization in XWiki Platform
2022-11-22 00:00:00
nvd
nvd
CVE-2022-41937
2022-11-22 01:15:36
github
github