ZDI-24-1697

Low

This vulnerability allows remote attackers to execute arbitrary code on affected installations of XWiki.org XWiki. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 9.8.

Published December 19, 2024.

Affected software

Get alerts for this software

Reference links

https://www.xwiki.org/xwiki/bin/view/TestReports/
http://www.zerodayinitiative.com/advisories/ZDI-24-1697/