4 matches found
XWiki Platform Security Vulnerability
XWiki Platform is a suite of Wiki platforms from the XWiki Foundation in France for creating collaborative Web applications. A security vulnerability exists in XWiki Platform, which arises from the fact that an attacker with editing privileges on any document can move any attachment from any othe...
Users can move attachments to a space they have no permission for
Any user with permission to edit pages in a space can move attachments in that space to any page in Confluence. Eg: suppose we have a user named StandardUser who has permission to edit pages in GeneralSpace, but no permission to view or edit RestrictedSpace, which contains a page predictably name...
Users can move attachments to a space they have no permission for
Any user with permission to edit pages in a space can move attachments in that space to any page in Confluence. Eg: suppose we have a user named StandardUser who has permission to edit pages in GeneralSpace, but no permission to view or edit RestrictedSpace, which contains a page predictably name...
Users can move attachments to a space they have no permission for
Any user with permission to edit pages in a space can move attachments in that space to any page in Confluence. Eg: suppose we have a user named StandardUser who has permission to edit pages in GeneralSpace, but no permission to view or edit RestrictedSpace, which contains a page predictably name...