Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:maven/org.xwiki.platform/xwiki-platform-web-templates@13.9

Type maven

Namespace org.xwiki.platform

Name xwiki-platform-web-templates

Version 13.9

Qualifiers

Subpath

Is_vulnerable false

Next_non_vulnerable_version 13.10.3

Latest_non_vulnerable_version 17.8.0-rc-1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-baek-qj2u-j7db

vulnerability_id VCID-baek-qj2u-j7db

summary

Exposure of Private Personal Information to an Unauthorized Actor
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. A guest user without the right to view pages of the wiki can still list documents related to users of the wiki. The problem has been patched in XWiki versions 12.10.11, 13.4.4, and 13.9-rc-1. There is no known workaround for this problem.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-24819

reference_id

reference_type

scores

value	0.04317
scoring_system	epss
scoring_elements	0.89072
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-24819

reference_url

https://github.com/xwiki/xwiki-platform

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/xwiki/xwiki-platform

reference_url

https://jira.xwiki.org/browse/XWIKI-18850

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://jira.xwiki.org/browse/XWIKI-18850

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-24819

reference_id

CVE-2022-24819

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-24819

reference_url

https://github.com/advisories/GHSA-97jg-43c9-q6pf

reference_id

GHSA-97jg-43c9-q6pf

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-97jg-43c9-q6pf

reference_url

https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-97jg-43c9-q6pf

reference_id

GHSA-97jg-43c9-q6pf

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-97jg-43c9-q6pf

fixed_packages

url	pkg:maven/org.xwiki.platform/xwiki-platform-web-templates@12.10.11
purl	pkg:maven/org.xwiki.platform/xwiki-platform-web-templates@12.10.11
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.xwiki.platform/xwiki-platform-web-templates@12.10.11

url	pkg:maven/org.xwiki.platform/xwiki-platform-web-templates@13.4.4
purl	pkg:maven/org.xwiki.platform/xwiki-platform-web-templates@13.4.4
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.xwiki.platform/xwiki-platform-web-templates@13.4.4

url	pkg:maven/org.xwiki.platform/xwiki-platform-web-templates@13.9
purl	pkg:maven/org.xwiki.platform/xwiki-platform-web-templates@13.9
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.xwiki.platform/xwiki-platform-web-templates@13.9

aliases CVE-2022-24819, GHSA-97jg-43c9-q6pf

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-baek-qj2u-j7db

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.xwiki.platform/xwiki-platform-web-templates@13.9

Package Instance