VYPR
Moderate severityNVD Advisory· Published Feb 9, 2022· Updated Apr 23, 2025

Missing authorization in xwiki-platform

CVE-2022-23617

Description

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions any user with edit right can copy the content of a page it does not have access to by using it as template of a new page. This issue has been patched in XWiki 13.2CR1 and 12.10.6. Users are advised to update. There are no known workarounds for this issue.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
org.xwiki.platform:xwiki-platform-oldcoreMaven
< 12.10.612.10.6
org.xwiki.platform:xwiki-platform-oldcoreMaven
>= 13.0, < 13.2-rc-113.2-rc-1

Affected products

2

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.