CVE-2023-46743
Affected: application-collabora (Collabora Online integration in XWiki). Issue: when a user opens an attachment in edit mode, the userCanWrite result was cached on the Collabora server, causing the edit-right to persist for subsequent users even if they have only view rights. Consequence: the sam...