VYPR

Maven package

org.xwiki.platform/xwiki-platform-mail-send-default

pkg:maven/org.xwiki.platform/xwiki-platform-mail-send-default

Vulnerabilities (1)

  • CVE-2023-34465Jun 23, 2023
    affected >= 11.8-rc-1, < 14.4.8fixed 14.4.8

    XWiki Platform is a generic wiki platform. Starting in version 11.8-rc-1 and prior to versions 14.4.8, 14.10.6, and 15.2, `Mail.MailConfig` can be edited by any logged-in user by default. Consequently, they can change the mail obfuscation configuration and view and edit the mail