Source |
CVE Liste |
Identifiant |
8315123 |
Date de publication |
2023-03-02 19:15:11 (vue: 2023-03-02 22:07:07) |
Titre |
CVE-2023-26476 |
Texte |
XWiki Platform is a generic wiki platform. Starting in version 3.2-m3, users can deduce the content of the password fields by repeated call to `LiveTableResults` and `WikisLiveTableResultsMacros`. The issue can be fixed by upgrading to versions 14.7-rc-1, 13.4.4, or 13.10.9 and higher, or in version >= 3.2M3 by applying the patch manually on `LiveTableResults` and `WikisLiveTableResultsMacros`. |
Envoyé |
Oui |
Condensat |
2023 26476 2m3 `livetableresults` `wikislivetableresultsmacros` applying call can content cve deduce fields fixed generic higher issue manually password patch platform repeated starting upgrading users version versions wiki xwiki |
Tags |
|
Stories |
|
Notes |
|
Move |
|