CVE-2023-37277
XWiki Platform is vulnerable to cross-site request forgery via the REST API. The flaw allows remote code execution through script macros when a user with programming rights interacts with crafted POST requests using content types such as text/plain, multipart/form-data, or application/www-form-ur...