QID 996556
Date Published: 2024-01-15
QID 996556: Java (Maven) Security Update for org.xwiki.platform:xwiki-platform (GHSA-xh35-w7wg-95v3)
The rollback action is missing a right protection: it means that a user can rollback to a previous version of the page to gain rights they don't have anymore. This vulnerability impacts all version of XWiki since rollback action is available.
Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
Solution
Refer to Github security advisory GHSA-xh35-w7wg-95v3 for updates and patch information.
Vendor References
- GHSA-xh35-w7wg-95v3 -
github.com/advisories/GHSA-xh35-w7wg-95v3
CVEs related to QID 996556
Software Advisories
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| GHSA-xh35-w7wg-95v3 | org.xwiki.platform:xwiki-platform |
|