7 matches found
GHSA-5CF8-VRR8-8HJM XWiki Platform packages Expose Sensitive Information to an Unauthorized Actor
Impact Users can deduce the content of the password fields by repeated call to LiveTableResults and WikisLiveTableResultsMacros. Patches The issue is applied on versions 14.7-rc-1, 13.4.4, and 13.10.9. Workarounds The issue can be fixed by upgrading to versions 14.7-rc-1, 13.4.4, and 13.10.9 and...
XWiki Platform packages Expose Sensitive Information to an Unauthorized Actor
Impact Users can deduce the content of the password fields by repeated call to LiveTableResults and WikisLiveTableResultsMacros. Patches The issue is applied on versions 14.7-rc-1, 13.4.4, and 13.10.9. Workarounds The issue can be fixed by upgrading to versions 14.7-rc-1, 13.4.4, and 13.10.9 and...
CVE-2023-26476
XWiki Platform is a generic wiki platform. Starting in version 3.2-m3, users can deduce the content of the password fields by repeated call to LiveTableResults and WikisLiveTableResultsMacros. The issue can be fixed by upgrading to versions 14.7-rc-1, 13.4.4, or 13.10.9 and higher, or in version ...
Design/Logic Flaw
XWiki Platform is a generic wiki platform. Starting in version 3.2-m3, users can deduce the content of the password fields by repeated call to LiveTableResults and WikisLiveTableResultsMacros. The issue can be fixed by upgrading to versions 14.7-rc-1, 13.4.4, or 13.10.9 and higher, or in version ...
CVE-2023-26476 Two XWiki Platform UIs Expose Sensitive Information to an Unauthorized Actor
XWiki Platform is a generic wiki platform. Starting in version 3.2-m3, users can deduce the content of the password fields by repeated call to LiveTableResults and WikisLiveTableResultsMacros. The issue can be fixed by upgrading to versions 14.7-rc-1, 13.4.4, or 13.10.9 and higher, or in version ...
CVE-2023-26476
CVE-2023-26476 affects XWiki Platform. Starting in 3.2-m3, attackers could deduce password-field contents via repeated calls to LiveTableResults and WikisLiveTableResultsMacros. Public details confirm fixes: upgrade to 14.7-rc-1, 13.4.4, or 13.10.9 and higher, or apply the patch manually on LiveT...
CVE-2023-26476 Two XWiki Platform UIs Expose Sensitive Information to an Unauthorized Actor
XWiki Platform is a generic wiki platform. Starting in version 3.2-m3, users can deduce the content of the password fields by repeated call to LiveTableResults and WikisLiveTableResultsMacros. The issue can be fixed by upgrading to versions 14.7-rc-1, 13.4.4, or 13.10.9 and higher, or in version ...