3 matches found
XWiki < 14.10.4 Open Redirect Vulnerability (GHSA-6gvj-8vc5-8v3j)
Xwiki is prone to an open redirect vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki"; ifdescription...
CVE-2023-32068
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In versions prior to 14.10.4 it's possible to exploit well known parameters in XWiki URLs to perform redirection to untrusted site. This vulnerability was partially fixed in the past for XWiki...
CVE-2023-32068
XWiki Platform is vulnerable to open redirect via improper validation of the xredirect parameter in URLs. Affected versions are those prior to 14.10.4 (older fixes for 12.10.7 and 13.3RC1 were incomplete), with the issue now patched in 14.10.4 and 15.0. Exploitation could redirect users to untrus...