CVE-2020-11057

2020-05-12T21:15:00
ID CVE-2020-11057
Type cve
Reporter cve@mitre.org
Modified 2020-05-18T18:00:00

Description

In XWiki Platform 7.2 through 11.10.2, registered users without scripting/programming permissions are able to execute python/groovy scripts while editing personal dashboards. This has been fixed 11.3.7 , 11.10.3 and 12.0.