CVE-2020-11057

Published: 2020-05-12T21:15Z

Last Modified: 2024-11-21T04:56Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

In XWiki Platform 7.2 through 11.10.2, registered users without scripting/programming permissions are able to execute python/groovy scripts while editing personal dashboards. This has been fixed 11.3.7 , 11.10.3 and 12.0. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt