5 matches found
GHSA-GFP2-6QHM-7X43 The WikiManager REST API allows any user to create wikis
Impact Any user can exploit the WikiManager REST API to create a new wiki, where the user could become an administrator and so performs other attacks on the farm. Note that this REST API is not bundled in XWiki Standard by default: it needs to be installed manually through the extension manager...
CVE-2025-29926
XWiki Platform is a generic wiki platform. Prior to 15.10.15, 16.4.6, and 16.10.0, any user can exploit the WikiManager REST API to create a new wiki, where the user could become an administrator and so performs other attacks on the farm. Note that this REST API is not bundled in XWiki Standard b...
CVE-2025-29926 The WikiManager REST API allows any user to create wikis
XWiki Platform is a generic wiki platform. Prior to 15.10.15, 16.4.6, and 16.10.0, any user can exploit the WikiManager REST API to create a new wiki, where the user could become an administrator and so performs other attacks on the farm. Note that this REST API is not bundled in XWiki Standard b...
CVE-2025-29926 The WikiManager REST API allows any user to create wikis
XWiki Platform is a generic wiki platform. Prior to 15.10.15, 16.4.6, and 16.10.0, any user can exploit the WikiManager REST API to create a new wiki, where the user could become an administrator and so performs other attacks on the farm. Note that this REST API is not bundled in XWiki Standard b...
XWiki Platform 授权问题漏洞
XWiki Platform is XWiki's open source suite of Wiki platforms for creating web collaboration applications. An authorization issue vulnerability exists in XWiki Platform versions prior to 15.10.15, prior to 16.4.6, and prior to 16.10.0, which stems from the WikiManager REST API that could be...