3 matches found
CVE-2024-55877
creationtimestamp| type| source ---|---|--- 2024-12-12 19:22:20+00:00| seen| https://infosec.exchange/users/cve/statuses/113641477877056322 2024-12-12 22:12:11+00:00| seen| https://t.me/cvedetector/12810...
CVE-2024-55877 XWiki allows remote code execution from account through macro descriptions and XWiki.XWikiSyntaxMacrosList
XWiki Platform is a generic wiki platform. Starting in version 9.7-rc-1 and prior to versions 15.10.11, 16.4.1, and 16.5.0, any user with an account can perform arbitrary remote code execution by adding instances of XWiki.WikiMacroClass to any page. This compromises the confidentiality, integrity...
CVE-2024-55877
XWiki Platform is affected. Versions 9.7-rc-1 through prior to 15.10.11, 16.4.1, and 16.5.0 allow arbitrary remote code execution via adding instances of XWiki.WikiMacroClass to a page, compromising confidentiality, integrity, and availability. Root cause is improper handling of WikiMacroClass in...