Lucene search
+L

4 matches found

vulnrichment
vulnrichment
added 2025/04/30 6:27 p.m.12 views

CVE-2025-46557 Any user with view access to the XWiki space can change the authenticator

XWiki is a generic wiki platform. In versions starting from 15.3-rc-1 to before 15.10.14, from 16.0.0-rc-1 to before 16.4.6, and from 16.5.0-rc-1 to before 16.10.0-rc-1, a user who can access pages located in the XWiki space by default, anyone can access the page XWiki.Authentication.Administrati...

8.4CVSS6.4AI score0.00499EPSS
Exploits0References3
cvelist
cvelist
added 2025/04/30 6:27 p.m.36 views

CVE-2025-46557 Any user with view access to the XWiki space can change the authenticator

XWiki is a generic wiki platform. In versions starting from 15.3-rc-1 to before 15.10.14, from 16.0.0-rc-1 to before 16.4.6, and from 16.5.0-rc-1 to before 16.10.0-rc-1, a user who can access pages located in the XWiki space by default, anyone can access the page XWiki.Authentication.Administrati...

8.4CVSS0.00499EPSS
Exploits0References3
github
github
added 2025/04/30 4:51 p.m.14 views

Any user with view access to the XWiki space can change the authenticator

Impact A user who can access pages located in the XWiki space by default, anyone can access the page XWiki.Authentication.Administration and unless an authenticator is set in xwiki.cfg switch to another installed authenticator. Note that, by default, there is only one authenticator available...

9.8CVSS6.3AI score0.00499EPSS
Exploits0References5Affected Software1
osv
osv
added 2025/04/30 4:51 p.m.25 views

GHSA-F9C6-2F9P-82JJ Any user with view access to the XWiki space can change the authenticator

Impact A user who can access pages located in the XWiki space by default, anyone can access the page XWiki.Authentication.Administration and unless an authenticator is set in xwiki.cfg switch to another installed authenticator. Note that, by default, there is only one authenticator available...

8.4CVSS6.6AI score0.00499EPSS
Exploits0References5
Rows per page
Query Builder