icon

We found results for “

WS-2019-0615

Date: July 29, 2019

Overview

In xwiki-platform, versions xwiki-platform-3.0.1 to xwiki-platform-11.3.2 are vulnerable against privilege escalation.

Details

In xwiki-platform, versions xwiki-platform-3.0.1 to xwiki-platform-11.3.2 are vulnerable against privilege escalation when a user manages to set a higher privilege (‘script’) to himself.

Affected Environments

Xwiki-platform-3.0.1 through xwiki-platform-11.3.2

Prevention

Upgrade to xwiki-platform-11.3.3

Language: Java

Good to know:

icon

Improper Privilege Management

CWE-269
icon

Upgrade Version

Upgrade to version xwiki-platform-11.3.3

Learn More

Base Score:
Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope (S): Unchanged
Confidentiality (C): None
Integrity (I): High
Availability (A): None