2 matches found
CVE-2020-11057
In XWiki Platform, CVE-2020-11057 describes a code-injection risk where registered users without scripting/programming permissions could execute Python/Groovy scripts while editing personal dashboards. Affects versions 7.2–11.10.2. The underlying flaw enabled script execution during dashboard edi...
CVE-2020-11057 Code Injection in XWiki Platform
In XWiki Platform 7.2 through 11.10.2, registered users without scripting/programming permissions are able to execute python/groovy scripts while editing personal dashboards. This has been fixed 11.3.7 , 11.10.3 and 12.0...