Количество 3
Количество 3
CVE-2025-29926
XWiki Platform is a generic wiki platform. Prior to 15.10.15, 16.4.6, and 16.10.0, any user can exploit the WikiManager REST API to create a new wiki, where the user could become an administrator and so performs other attacks on the farm. Note that this REST API is not bundled in XWiki Standard by default: it needs to be installed manually through the extension manager. The problem has been patched in versions 15.10.15, 16.4.6 and 16.10.0 of the REST module.
GHSA-gfp2-6qhm-7x43
The WikiManager REST API allows any user to create wikis
BDU:2025-05154
Уязвимость компонента org.xwiki.platform:xwiki-platform-wiki-rest-default платформы создания совместных веб-приложений XWiki Platform, позволяющая нарушителю повысить свои привилегии
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-29926 XWiki Platform is a generic wiki platform. Prior to 15.10.15, 16.4.6, and 16.10.0, any user can exploit the WikiManager REST API to create a new wiki, where the user could become an administrator and so performs other attacks on the farm. Note that this REST API is not bundled in XWiki Standard by default: it needs to be installed manually through the extension manager. The problem has been patched in versions 15.10.15, 16.4.6 and 16.10.0 of the REST module. | CVSS3: 9.8 | 1% Низкий | 11 месяцев назад |
| GHSA-gfp2-6qhm-7x43 The WikiManager REST API allows any user to create wikis | 1% Низкий | 11 месяцев назад | |
 | BDU:2025-05154 Уязвимость компонента org.xwiki.platform:xwiki-platform-wiki-rest-default платформы создания совместных веб-приложений XWiki Platform, позволяющая нарушителю повысить свои привилегии | CVSS3: 7.2 | 1% Низкий | 11 месяцев назад |
Уязвимостей на страницу