Lucene search
CVE-2023-26472
XWiki Platform allows unauthorized execution of wiki content by creating an icon theme. Patched in XWiki 14.9, 14.4.6, and 13.10.10
Show more
| Reporter | Title | Published | Views | Family All 8 |
|---|---|---|---|---|
 | Code injection | 2 Mar 202319:15 | – | prion |
 | CVE-2023-26472 | 2 Mar 202319:15 | – | osv |
| XWiki Platform vulnerable to privilege escalation via async macro and IconThemeSheet from the user profile | 3 Mar 202322:48 | – | osv |
 | CVE-2023-26472 XWiki Platform vulnerable to privilege escalation via async macro and IconThemeSheet from the user profile | 2 Mar 202318:25 | – | cvelist |
 | CVE-2023-26472 | 2 Mar 202319:15 | – | nvd |
 | XWiki Platform vulnerable to privilege escalation via async macro and IconThemeSheet from the user profile | 3 Mar 202322:48 | – | github |
 | XWiki 6.2-milestone-1 < 13.10.10, 14.x < 14.4.6, 14.5.x < 14.9 Privilege Escalation Vulnerability (GHSA-vwr6-qp4q-2wj7) | 6 Mar 202300:00 | – | openvas |
 | CVE-2023-26472 XWiki Platform vulnerable to privilege escalation via async macro and IconThemeSheet from the user profile | 2 Mar 202318:25 | – | vulnrichment |
[
{
"vendor": "xwiki",
"product": "xwiki-platform",
"versions": [
{
"version": ">= 6.2-milestone-1, < 13.10.10",
"status": "affected"
},
{
"version": ">= 14.0, < 14.4.6",
"status": "affected"
},
{
"version": ">= 14.5, < 14.9",
"status": "affected"
}
]
}
]Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo02 Mar 2023 19:15Current
9.3High risk
Vulners AI Score9.3
CVSS38.8 - 9.9
EPSS0.0142
SSVC