4 matches found
CVE-2023-29513
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. If guest has view right on any document. It's possible to create a new user using the distribution/firstadminuser.wiki in the wrong context. This vulnerability has been patched in XWiki...
CVE-2023-29513 Users can be created even when registration is disabled without validation via the template macro in xwiki-platform
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. If guest has view right on any document. It's possible to create a new user using the distribution/firstadminuser.wiki in the wrong context. This vulnerability has been patched in XWiki...
CVE-2023-29513 Users can be created even when registration is disabled without validation via the template macro in xwiki-platform
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. If guest has view right on any document. It's possible to create a new user using the distribution/firstadminuser.wiki in the wrong context. This vulnerability has been patched in XWiki...
CVE-2023-29513
XWiki Platform (CVE-2023-29513) allows an attacker to create a new user if a guest has view rights on any document, by exploiting the distribution/firstadminuser.wiki in the wrong context. Root cause: improper handling of guest access combined with the template macro enables user registration whe...