Design/Logic Flaw

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Starting in version 9.4-rc-1 and prior to versions 14.10.8 and 15.3-rc-1, when a document has been deleted and re-created, it is possible for users with view right on the re-created document b...

CVE-2023-37911 org.xwiki.platform:xwiki-platform-oldcore may leak data through deleted and re-created documents

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Starting in version 9.4-rc-1 and prior to versions 14.10.8 and 15.3-rc-1, when a document has been deleted and re-created, it is possible for users with view right on the re-created document b...

XWiki Platform Security Vulnerability

XWiki Platform is a suite of wiki platforms for creating web collaboration applications from the XWiki Foundation in France. A security vulnerability exists in Xwiki versions 9.4-rc-1 through 14.10.8, and versions prior to 15.3-rc-1, which originates when a document is deleted and recreated,...

CVE-2023-29208

XWiki Commons are technical libraries common to several other top level XWiki projects. Rights added to a document are not taken into account for viewing it once it's deleted. Note that this vulnerability only impact deleted documents that where containing view rights: the view rights provided on...

CVE-2023-29208

Summary of CVE-2023-29208 (XWiki Commons): An information-leak vulnerability where rights assigned to a document are not enforced for viewing after the document is deleted. The issue affects deleted documents that had view rights; after deletion, those rights could still enable viewing. The root ...