2 matches found
CVE-2022-36095 XWiki Cross-Site Request Forgery (CSRF) for actions on tags
XWiki Platform is a generic wiki platform. Prior to versions 13.10.5 and 14.3, it is possible to perform a Cross-Site Request Forgery CSRF attack for adding or removing tags on XWiki pages. The problem has been patched in XWiki 13.10.5 and 14.3. As a workaround, one may locally modify the...
XWiki Platform 安全漏洞
XWiki Platform is a suite of Wiki platforms for creating web collaboration applications from XWiki France. A security vulnerability exists in XWiki Platform versions prior to 13.10.5, prior to 14.3RC1, which stems from an incorrect authorization check...