XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions any user with edit right can copy the content of a page it does not have access to by using it as template of a new page. This issue has been patched in XWiki 13.2CR1 and 12.10.6. Users are advised to update. There are no known workarounds for this issue.
2022-02-09T21:15:07.937
2024-11-21T06:48:56.643
Modified
CVSSv3.1: 6.5 (MEDIUM)
AV:N/AC:L/Au:S/C:P/I:N/A:N
8.0
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | xwiki | xwiki | ≤ 12.10.5 | Yes |
| Application | xwiki | xwiki | 13.0 | Yes |
| Application | xwiki | xwiki | 13.1 | Yes |