Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

GHSA-92wp-r7hm-42g7

GitHub Security Advisory

XWiki Platform subject to Uncontrolled Resource Consumption

✓ GitHub Reviewed MODERATE Has CVE
View on GitHub

Advisory Details

### Impact

It's possible to make the farm unusable by adding an object to a page with a huge number (e.g. 67108863). This will most of the time fill the memory allocated to XWiki and make it unusable every time this document is manipulated.

### Patches
It has been patched in XWiki 14.0

### Workarounds
There is no workaround.

### References
https://jira.xwiki.org/browse/XWIKI-19223

### For more information
If you have any questions or comments about this advisory:
* Open an issue in [Jira XWiki](https://jira.xwiki.org)
* Email us at [our security mailing list](mailto:[email protected])

Affected Packages

Maven org.xwiki.platform:xwiki-platform-oldcore
Affected versions: 0 (fixed in 14.0-rc-1)

Related CVEs

CVE-2023-26470

Key Information

GHSA ID
GHSA-92wp-r7hm-42g7
Published
March 3, 2023 10:50 PM
Last Modified
March 3, 2023 10:50 PM
CVSS Score
5.0 /10
Primary Ecosystem
Maven
Primary Package
org.xwiki.platform:xwiki-platform-oldcore
GitHub Reviewed
✓ Yes

Dataset

Last updated: September 22, 2025 6:29 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.