Lucene search
K

4 matches found

OpenVAS
OpenVAS
added 2025/01/23 12:0 a.m.8 views

XWiki 1.2-milestone-2 < 15.10.9, 16.0.0-rc-1 < 16.3.0 Incorrect Authorization Vulnerability (GHSA-cwq6-mjmx-47p6)

Xwiki is prone to an incorrect authorization vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki";...

5.4CVSS5.5AI score0.00564EPSS
Exploits1References1
NVD
NVD
added 2024/12/12 7:15 p.m.22 views

CVE-2024-55876

XWiki Platform is a generic wiki platform. Starting in version 1.2-milestone-2 and prior to versions 15.10.9 and 16.3.0, any user with an account on the main wiki could run scheduling operations on subwikis. To reproduce, as a user on the main wiki without any special right, view the document...

5.4CVSS0.00564EPSS
Exploits1References3
Circl
Circl
added 2024/12/12 7:3 p.m.9 views

CVE-2024-55876

creationtimestamp| type| source ---|---|--- 2024-12-12 19:03:46+00:00| seen| https://infosec.exchange/users/cve/statuses/113641404902137205 2024-12-12 21:21:55+00:00| seen| https://t.me/cvedetector/12803...

5.4CVSS5.3AI score0.00564EPSS
Exploits1References2
CVE
CVE
added 2024/12/12 6:59 p.m.77 views

CVE-2024-55876

CVE-2024-55876 affects XWiki Platform. Versions 1.2-milestone-2 through 16.3.0 are vulnerable: any account on the master wiki could execute scheduling operations on subwikis by interacting with Scheduler.WebHome and triggering a job, indicating an insufficient authorization boundary between main ...

5.4CVSS5.5AI score0.00564EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder