XWiki 13.10.4 < 14.10.21, 15.0 < 15.5.5, 15.6-rc-1 < 15.10.6 Missing Authorization Vulnerability (GHSA-33gp-gmg3-hfpq)

Xwiki is prone to a missing authorization vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki";...

XWiki Platform 安全漏洞

XWiki Platform is XWiki's open source suite of Wiki platforms for creating web collaboration applications. A security vulnerability exists in XWiki Platform that stems from improper management of user rights. The following versions are affected: versions 13.10.4 through 14.0-rc-1, 14.2 through...

XWiki < 13.10.4, 14.0 < 14.2 Information Disclosure Vulnerability (GHSA-599v-w48h-rjrm)

Xwiki is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki";...

Design/Logic Flaw

XWiki Platform Web Templates are templates for XWiki Platform, a generic wiki platform. Through the suggestion feature, string and list properties of objects the user shouldn't have access to can be accessed in versions prior to 13.10.4 and 14.2. This includes private personal information like...

CVE-2022-36091 XWiki Platform Web Templates vulnerable to Missing Authorization and Exposure of Private Personal Information to an Unauthorized Actor

XWiki Platform Web Templates are templates for XWiki Platform, a generic wiki platform. Through the suggestion feature, string and list properties of objects the user shouldn't have access to can be accessed in versions prior to 13.10.4 and 14.2. This includes private personal information like...