2 matches found
XWiki 3.3-milestone-3 < 14.10.4 Privilege Escalation Vulnerability (GHSA-36fm-j33w-c25f)
Xwiki is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki"; ifdescripti...
CVE-2023-32069
XWiki Platform has a privilege-escalation through the XWiki.ClassSheet document: from 3.3-milestone-2 up to just before 14.10.4 and 15.0-rc-1, a user can execute arbitrary actions with the author’s rights. The issue is fixed in 14.10.4 and 15.0-rc-1; there are no known workarounds.