CVSS 3.1 Score 8.8 of 10 (high)


Published Jan 9, 2024
Updated: Jan 12, 2024
CWE ID 274


CVE-2024-21648 is a vulnerability affecting XWiki Platform, a generic wiki platform used for building applications. The vulnerability allows a user to rollback to a previous version of a page and gain rights they no longer have. This issue has been addressed in versions 14.10.17, 15.5.3, and 15.8-rc-1 of XWiki by implementing checks for rights before performing the rollback action. The vulnerability poses a high risk to organizations as it could lead to unauthorized access and potential compromise of confidential information.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-21648 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options