CVE-2024-55879

CVSS 3.1 Score 9.1 of 10 (high)

Details

Published Dec 12, 2024
Updated: Dec 13, 2024
CWE ID 862

Summary

CVE-2024-55879 is a critical vulnerability affecting the XWiki Platform, a popular wiki solution. Prior to versions 15.10.9 and 16.3.0, any user with script rights could exploit this vulnerability and execute arbitrary remote code on any page. Consequently, the confidentiality, integrity, and availability of the entire XWiki installation are compromised. No known workarounds are available, and the only solution is to upgrade to the patched versions 15.10.9 and 16.3.0. Unpatched installations remain vulnerable to remote code execution attacks.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share