CVE-2023-35152 in XWiki情報

要約

〜によって MITRE • 2023年06月23日

XWiki Platform is a generic wiki platform. Starting in version 12.9-rc-1 and prior to versions 14.4.8, 14.10.6, and 15.1, any logged in user can add dangerous content in their first name field and see it executed with programming rights. Leading to rights escalation. The vulnerability has been fixed on XWiki 14.4.8, 14.10.6, and 15.1. As a workaround, one may apply the patch manually.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

責任者

GitHub, Inc.

予約する

2023年06月14日

モデレーション

承諾済み

エントリ

VDB-232052

EPSS

0.01028

アクティビティ

非常低い

ソース

Do you want to use VulDB in your project?

Use the official API to access entries easily!