{"vulnerability": "CVE-2022-36095", "sightings": [{"uuid": "646efa64-1e41-44fc-b7cf-c3ff4a9adb88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-36095", "type": "seen", "source": "https://t.me/cibsecurity/49483", "content": "\u203c CVE-2022-36095 \u203c\n\nXWiki Platform is a generic wiki platform. Prior to versions 13.10.5 and 14.3, it is possible to perform a Cross-Site Request Forgery (CSRF) attack for adding or removing tags on XWiki pages. The problem has been patched in XWiki 13.10.5 and 14.3. As a workaround, one may locally modify the `documentTags.vm` template in one's filesystem, to apply the changes exposed there.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-09T00:15:42.000000Z"}]}