Vulnerability Database
296,772
Total vulnerabilities in the database
CVE-2023-26476
XWiki Platform is a generic wiki platform. Starting in version 3.2-m3, users can deduce the content of the password fields by repeated call to LiveTableResults and WikisLiveTableResultsMacros. The issue can be fixed by upgrading to versions 14.7-rc-1, 13.4.4, or 13.10.9 and higher, or in version >= 3.2M3 by applying the patch manually on LiveTableResults and WikisLiveTableResultsMacros.
| Software | From | Fixed in |
|---|---|---|
| xwiki / xwiki | 3.2-milestone3 | 3.2-milestone3.x |
| xwiki / xwiki | 14.7-rc1 | 14.7-rc1.x |
| xwiki / xwiki | 13.5.0 | 13.10.9 |
| xwiki / xwiki | 14.0 | 14.7 |
| xwiki / xwiki | 3.3 | 13.4.4 |
org.xwiki.platform / xwiki-platform-livetable-ui
|
3.2-m3 | 13.4.4 |
|
org.xwiki.platform / xwiki-platform-wiki-ui-mainwiki
|
3.2-m3 | 13.4.4 |
|
org.xwiki.platform / xwiki-platform-livetable-ui
|
13.5.0 | 13.10.9 |
|
org.xwiki.platform / xwiki-platform-wiki-ui-mainwiki
|
13.5.0 | 13.10.9 |
|
org.xwiki.platform / xwiki-platform-livetable-ui
|
14.0.0 | 14.7-rc-1 |
|
org.xwiki.platform / xwiki-platform-wiki-ui-mainwiki
|
14.0.0 | 14.7-rc-1 |
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime