4 matches found
XWiki 8.0 < 13.10.5, 14.0 < 14.3 User Registration Vulnerability (GHSA-h5j3-5x63-p8jv)
Xwiki is prone to a user registration vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki"; ifdescription...
CVE-2022-36093 XWiki Platform Web Templates vulnerable to Unauthorized User Registration Through the Distribution Wizard
XWiki Platform Web Templates are templates for XWiki Platform, a generic wiki platform. By passing a template of the distribution wizard to the xpart template, user accounts can be created even when user registration is disabled. This also circumvents any email verification. Before versions 14.2...
CVE-2022-36093 XWiki Platform Web Templates vulnerable to Unauthorized User Registration Through the Distribution Wizard
XWiki Platform Web Templates are templates for XWiki Platform, a generic wiki platform. By passing a template of the distribution wizard to the xpart template, user accounts can be created even when user registration is disabled. This also circumvents any email verification. Before versions 14.2...
CVE-2022-36093
CVE-2022-36093 affects XWiki Platform Web Templates. An attacker can create user accounts by sending a distribution-wizard template to the xpart template, even when user registration is disabled, bypassing email verification. The issue can also allow write access on some wiki configurations, and ...