First published: Mon Nov 20 2023(Updated: )
|Affected Software||Affected Version||How to fix|
The vulnerability exposes the content of all documents of all wikis to anyone who has access to it, potentially exposing sensitive information stored in the wiki.
The vulnerability affects versions 15.0-rc-1 to 15.5.1 of org.xwiki.platform:xwiki-platform-search-solr-query and versions 6.3-milestone-2 to 14.10.15 of org.xwiki.platform:xwiki-platform-search-solr-query.
The severity of the vulnerability is high with a CVSS score of 7.5.
The CWE ID for this vulnerability is 285.
Upgrade to a version of org.xwiki.platform:xwiki-platform-search-solr-query that is equal to or newer than 15.5.1, or equal to or newer than 14.10.15 for versions prior to 15.0-rc-1.