CVE-2006-7223
CVE-2006-7223 affects XWiki 0.9.543 through 0.9.1252. The underlying issue is that PreviewAction does not set the Author field to the identity of the user who last modified a document. This allows remote authenticated users without programming rights to execute arbitrary code by selecting a docum...