2 matches found
CVE-2023-34465
XWiki Platform is a generic wiki platform. Starting in version 11.8-rc-1 and prior to versions 14.4.8, 14.10.6, and 15.2, Mail.MailConfig can be edited by any logged-in user by default. Consequently, they can change the mail obfuscation configuration and view and edit the mail sending...
CVE-2023-34465
Summary : CVE-2023-34465 affects XWiki Platform. Starting in version 11.8-rc-1 up to 15.2, any logged-in user could edit the Mail.MailConfig page, allowing alteration of mail obfuscation and the mail delivery configuration, including SMTP domain and credentials. This represents a potential impact...