CVE-2022-36095

XWiki Platform is a generic wiki platform. Prior to versions 13.10.5 and 14.3, it is possible to perform a Cross-Site Request Forgery CSRF attack for adding or removing tags on XWiki pages. The problem has been patched in XWiki 13.10.5 and 14.3. As a workaround, one may locally modify the...

PT-2022-23185 · Unknown · Xwiki Platform

Name of the Vulnerable Software and Affected Versions: XWiki Platform versions prior to 13.10.5 and 14.3 Description: The issue allows for a Cross-Site Request Forgery CSRF attack, enabling the addition or removal of tags on XWiki pages. Recommendations: For versions prior to 13.10.5, update to...