CVE-2024-45591 | xwiki-platform up to 15.10.8/16.3.0-rc-0 REST API history authorization (GHSA-pvmm-55r5-g3mm)

Posted by Angelo Barbosa | Sep 10, 2024 | CVE

A vulnerability was found in xwiki-platform up to 15.10.8/16.3.0-rc-0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /xwiki/rest/wikis/xwiki/spaces/Main/pages/WebHome/history of the component REST API. The manipulation leads to missing authorization.

This vulnerability is known as CVE-2024-45591. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-45591 | xwiki-platform up to 15.10.8/16.3.0-rc-0 REST API history authorization (GHSA-pvmm-55r5-g3mm)

Related Posts

CVE-2024-26902 | Linux Kernel up to 6.6.22/6.7.10 RISCV null pointer dereference (3ede8e94de6b/9f599ba3b9cc/34b567868777)

CVE-2024-39567 | Siemens SINEMA Remote Connect Client up to 3.2 Configuration command injection (ssa-868282)

CVE-2023-47846 | Terry Lin WP Githuber MD Plugin up to 1.16.2 on WordPress unrestricted upload

CVE-2023-49278 | Umbraco CMS up to 8.18.9/10.8.0/12.3.3 information disclosure (GHSA-7×74-h8cw-qhxq)