Description
XWiki Platform is a generic wiki platform. Starting in version 13.10, it's possible to use the right of an existing document content author to execute a text area property. This has been patched in XWiki 14.10, 14.4.7, and 13.10.11. There are no known workarounds.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2023-0846 | XWiki Platform is a generic wiki platform. Starting in version 13.10, it's possible to use the right of an existing document content author to execute a text area property. This has been patched in XWiki 14.10, 14.4.7, and 13.10.11. There are no known workarounds. |
Github GHSA |
GHSA-3738-p9x3-mv9r | XWiki Platform vulnerable to privilege escalation via properties with wiki syntax that are executed with wrong author |
References
History
Wed, 05 Mar 2025 22:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Status: PUBLISHED
Assigner: GitHub_M
Published:
Updated: 2025-03-05T21:21:51.637Z
Reserved: 2023-02-23T23:22:58.573Z
Link: CVE-2023-26474
Updated: 2024-08-02T11:53:54.184Z
Status : Modified
Published: 2023-03-02T19:15:11.390
Modified: 2024-11-21T07:51:35.083
Link: CVE-2023-26474
No data.
OpenCVE Enrichment
No data.
Weaknesses
EUVD
Github GHSA