Security Advisory

CVE-2023-29508

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-04-16 07:00:43

Last updated 2025-02-06 16:14:25

Assigner GitHub_M

State PUBLISHED

Description

XWiki Commons are technical libraries common to several other top level XWiki projects. A user without script rights can introduce a stored XSS by using the Live Data macro, if the last author of the content of the page has script rights. This has been patched in XWiki 14.10, 14.4.7, and 13.10.11.

← Browse all CVEs View on cve.org ↗