PT-2022-16966 · Xwiki · Xwiki

Name of the Vulnerable Software and Affected Versions: XWiki versions 2.3 through 12.6.6 XWiki versions 12.7.0 through 12.10.2 XWiki versions 13.0.0 through 13.0.0 before 13.0RC1 Description: The velocity scripts are not properly sandboxed against using the Java File API to perform read or write...