Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.2
CVE-2025-49594
- EPSS 0.08%
- Veröffentlicht 06.10.2025 14:48:43
- Zuletzt bearbeitet 06.10.2025 15:16:04
XWiki OIDC has various tools to manipulate OpenID Connect protocol in XWiki. Starting in version 2.17.1 and prior to version 2.18.2, anyone with VIEW access to a user profile can create a token for that user. If that XWiki instance is configured to a...
7.5
CVE-2022-39387
- EPSS 0.21%
- Veröffentlicht 04.11.2022 19:15:10
- Zuletzt bearbeitet 21.11.2024 07:18:11
XWiki OIDC has various tools to manipulate OpenID Connect protocol in XWiki. Prior to version 1.29.1, even if a wiki has an OpenID provider configured through its xwiki.properties, it is possible to provide a third party provider its details through ...
1