CVE-2024-26138
The CVE concerns the XWiki licensor application, where the Licenses.Code.LicenseJSON document is publicly accessible and exposes admins’ license information, including the instance ID and license owner’s name and email. This data exposure could enable correlation of active installations and targe...