CNNVD-202602-2075 Information
CNNVD ID
CNNVD-202602-2075
Related CVE
- CNNVD Published: 2026-02-12
Description (Chinese)
XWiki Platform是XWiki开源的一套用于创建Web协作应用程序的Wiki平台。 XWiki Platform 17.9.0之前版本、17.4.6之前版本和16.10.13之前版本存在安全漏洞,该漏洞源于可能使用注释注入CSS,将整个wiki转换为指向恶意页面的链接区域。
Description (English)
XWiki Platform is an open source of XWiki ’ s Wiki platform for creating a Web collaborative application. There is a security loophole in the previous version of the XWiki Platform 17.9.0, the previous version of 17.4.6 and the previous version of 16.10.13, which stems from the possible use of notes into the CSS to convert the whole wiki into a link area to the malicious page.
Vulnerability Type
其他
Affected Vendor
XWiki
Published
2026-02-12
Last Modified
2026-02-24
References
https://github.com/xwiki/xwiki-platform/releases/tag/xwiki-platform-17.4.6 https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-74rh-c5rh-88vg
Patch
https://github.com/xwiki/xwiki-platform/releases
Share on: