2 matches found
CVE-2022-23615 Partial authorization bypass on document save in xwiki-platform
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions any user with SCRIPT right can save a document with the right of the current user which allow accessing API requiring programming right if the current user has programming...
CVE-2022-23615
CVE-2022-23615 – XWiki Platform permission bypass. In affected XWiki versions, any user with SCRIPT right could save a document using the current user’s rights, potentially accessing APIs requiring programming rights if the current user also has programming rights. The issue has been patched in X...