Lucene search
K

4 matches found

OpenVAS
OpenVAS
added 2025/07/18 12:0 a.m.3 views

XWiki 15.3-rc-1 < 15.10.14, 16.0.0-rc-1 < 16.4.6, 16.5.0-rc-1 < 16.10.0 Missing Authorization Vulnerability (GHSA-f9c6-2f9p-82jj)

Xwiki is prone to a missing authorization vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki";...

9.8CVSS7.3AI score0.00499EPSS
Exploits0References1
Circl
Circl
added 2025/04/30 7:13 p.m.4 views

CVE-2025-46557

creationtimestamp| type| source ---|---|--- 2025-04-30 19:13:38+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/14128 2025-04-30 22:05:57+00:00| seen| https://t.me/cvedetector/24131...

9.8CVSS7.7AI score0.00499EPSS
Exploits0References2
OSV
OSV
added 2025/04/30 6:27 p.m.16 views

CVE-2025-46557 Any user with view access to the XWiki space can change the authenticator

XWiki is a generic wiki platform. In versions starting from 15.3-rc-1 to before 15.10.14, from 16.0.0-rc-1 to before 16.4.6, and from 16.5.0-rc-1 to before 16.10.0-rc-1, a user who can access pages located in the XWiki space by default, anyone can access the page XWiki.Authentication.Administrati...

8.4CVSS6.5AI score0.00499EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/04/30 6:27 p.m.11 views

CVE-2025-46557 Any user with view access to the XWiki space can change the authenticator

XWiki is a generic wiki platform. In versions starting from 15.3-rc-1 to before 15.10.14, from 16.0.0-rc-1 to before 16.4.6, and from 16.5.0-rc-1 to before 16.10.0-rc-1, a user who can access pages located in the XWiki space by default, anyone can access the page XWiki.Authentication.Administrati...

8.4CVSS6.4AI score0.00499EPSS
Exploits0References3
Rows per page
Query Builder