CVE-2022-23617

2022-02-0921:15:07

Google

osv.dev

0.001 Low

EPSS

Percentile

40.7%

JSON

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions any user with edit right can copy the content of a page it does not have access to by using it as template of a new page. This issue has been patched in XWiki 13.2CR1 and 12.10.6. Users are advised to update. There are no known workarounds for this issue.

CPENameOperatorVersion
xwiki-commonseqxwiki-platform-7.3-milestone-2
xwiki-commonseqxwiki-platform-8.0-milestone-1
xwiki-commonseqxwiki-platform-8.3-milestone-1
xwiki-commonseqxwiki-platform-8.2-milestone-2
xwiki-commonseqxwiki-platform-8.2-milestone-1
xwiki-commonseqxwiki-platform-8.1-milestone-2
xwiki-commonseqxwiki-application-calendar-1.0
xwiki-commonseqxwiki-platform-7.4-milestone-1
xwiki-commonseqxwiki-platform-7.4-milestone-2
xwiki-commonseqxwiki-plugin-tag-1.1

Name	Operator	Version
xwiki-commons	eq	xwiki-platform-7.3-milestone-2
xwiki-commons	eq	xwiki-platform-8.0-milestone-1
xwiki-commons	eq	xwiki-platform-8.3-milestone-1
xwiki-commons	eq	xwiki-platform-8.2-milestone-2
xwiki-commons	eq	xwiki-platform-8.2-milestone-1
xwiki-commons	eq	xwiki-platform-8.1-milestone-2
xwiki-commons	eq	xwiki-application-calendar-1.0
xwiki-commons	eq	xwiki-platform-7.4-milestone-1
xwiki-commons	eq	xwiki-platform-7.4-milestone-2
xwiki-commons	eq	xwiki-plugin-tag-1.1