Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:CVE-2021-32620
HistoryMay 28, 2021 - 9:15 p.m.

CVE-2021-32620

2021-05-2821:15:08
Google
osv.dev
10
xwiki platform
vulnerability
self-activation
disabled users
version 12.10.2

AI Score

6.9

Confidence

High

EPSS

0.002

Percentile

60.7%

JSON

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In versions prior to 11.10.13, 12.6.7, and 12.10.2, a user disabled on a wiki using email verification for registration canouldre-activate themself by using the activation link provided for his registration. The problem has been patched in the following versions of XWiki: 11.10.13, 12.6.7, 12.10.2, 13.0. It is possible to workaround the issue by resetting the validkey property of the disabled XWiki users. This can be done by editing the user profile with object editor.

Related

prion 1
osv 1
nvd 1
cvelist 1
github 1
cve 1
prion
prion
Code injection
2021-05-28 21:15:00
osv
osv
XWiki users registered with email verification can self re-activate their disabled accounts
2021-05-18 18:36:21
nvd
nvd
CVE-2021-32620
2021-05-28 21:15:08
cvelist
cvelist
CVE-2021-32620 Users registered with email verification can self re-activate their disabled accounts
2021-05-28 21:05:15
github
github
XWiki users registered with email verification can self re-activate their disabled accounts
2021-05-18 18:36:21
cve
cve
CVE-2021-32620
2021-05-28 21:15:08

AI Score

6.9

Confidence

High

EPSS

0.002

Percentile

60.7%

JSON
Related for OSV:CVE-2021-32620
prion1osv1nvd1cvelist1github1cve1