Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 8:44 a.m.7 views

CVE-2022-23654

Wiki.js is a wiki app built on Node.js. In affected versions an authenticated user with write access on a restricted set of paths can update a page outside the allowed paths by specifying a different target page ID while keeping the path intact. The access control incorrectly check the path acces...

8.1CVSS6.6AI score0.00712EPSS
Exploits0References1
Circl
Circl
added 2022/02/22 10:12 p.m.4 views

CVE-2022-23654

creationtimestamp| type| source ---|---|--- 2022-02-22 22:12:45+00:00| published-proof-of-concept| https://t.me/cibsecurity/37901...

8.1CVSS6.3AI score0.00712EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/02/22 8:5 p.m.4 views

CVE-2022-23654 Improper write access check in Requarks/wiki

Wiki.js is a wiki app built on Node.js. In affected versions an authenticated user with write access on a restricted set of paths can update a page outside the allowed paths by specifying a different target page ID while keeping the path intact. The access control incorrectly check the path acces...

8.1CVSS8AI score0.00712EPSS
Exploits0References2
CVE
CVE
added 2022/02/22 8:5 p.m.164 views

CVE-2022-23654

Wiki.js (Node.js-based wiki) is affected by CVE-2022-23654 where an authenticated writer can update a page outside allowed paths by supplying a different target page ID while keeping the path, because access control checks the path against user-provided values instead of the actual path for the p...

8.1CVSS6.8AI score0.00712EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/02/22 8:5 p.m.18 views

CVE-2022-23654 Improper write access check in Requarks/wiki

Wiki.js is a wiki app built on Node.js. In affected versions an authenticated user with write access on a restricted set of paths can update a page outside the allowed paths by specifying a different target page ID while keeping the path intact. The access control incorrectly check the path acces...

8.1CVSS8.2AI score0.00712EPSS
Exploits0References2
Rows per page
Query Builder