4 matches found
CVE-2023-45138
Change Request is an pplication allowing users to request changes on a wiki without publishing the changes directly. Starting in version 0.11 and prior to version 1.9.2, it's possible for a user without any specific right to perform script injection and remote code execution just by inserting an...
CVE-2023-45138
creationtimestamp| type| source ---|---|--- 2023-10-12 20:23:34+00:00| seen| https://t.me/cibsecurity/72194...
CVE-2023-45138 Change Request Application vulnerable to XSS and remote code execution through change request title
Change Request is an pplication allowing users to request changes on a wiki without publishing the changes directly. Starting in version 0.11 and prior to version 1.9.2, it's possible for a user without any specific right to perform script injection and remote code execution just by inserting an...
CVE-2023-45138
CVE-2023-45138 affects the Change Request application (XWiki Contrib). From versions 0.11 up to 1.9.1, a user without specific rights could trigger script injection and remote code execution by supplying an appropriate title when creating a new Change Request. This leads to a critical impact, wit...