3 matches found
XWiki Information Disclosure Vulnerability (GHSA-35fg-hjcr-j65f)
XWiki is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki";...
CVE-2022-23619
XWiki Platform contains an information disclosure vulnerability where the Forgot your password form can reveal whether a user exists, even when the site is restricted to guests. Affected versions are patched in XWiki 12.10.9, 13.4.1, and 13.6RC1. The issue has been confirmed across multiple advis...
CVE-2022-23619 Information exposure in xwiki-platform
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions it's possible to guess if a user has an account on the wiki by using the "Forgot your password" form, even if the wiki is closed to guest users. This problem has been...