Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 11:6 a.m.12 views

CVE-2024-21648

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. The rollback action is missing a right protection, a user can rollback to a previous version of the page to gain rights they don't have anymore. The problem has been patched in XWiki 14.10.17,...

8.8CVSS6.8AI score0.00512EPSS
Exploits0References1
Circl
Circl
added 2024/01/09 1:26 a.m.9 views

CVE-2024-21648

creationtimestamp| type| source ---|---|--- 2024-01-09 01:26:31+00:00| seen| https://t.me/ctinow/164736 2024-01-25 19:16:49+00:00| seen| https://t.me/ctinow/173718...

8.8CVSS8.1AI score0.00512EPSS
Exploits0References2
CVE
CVE
added 2024/01/08 11:31 p.m.72 views

CVE-2024-21648

CVE-2024-21648 affects XWiki Platform. The issue is a missing privilege check on the rollback action, allowing a user to rollback a page to gain rights they no longer have. The root cause is insufficient rights verification during rollback. Remediation is available in patched releases: XWiki 14.1...

8.8CVSS8.8AI score0.00512EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2024/01/08 11:31 p.m.4 views

CVE-2024-21648 XWiki has no right protection on rollback action

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. The rollback action is missing a right protection, a user can rollback to a previous version of the page to gain rights they don't have anymore. The problem has been patched in XWiki 14.10.17,...

8CVSS8.4AI score0.00512EPSS
Exploits0References3
Rows per page
Query Builder