// For flags

CVE-2007-4898

 

Severity Score

6.5
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Unspecified vulnerability in the Multiwiki plugin in XWiki before 1.1 Enterprise RC2 allows remote authenticated users, with administrative access to one wiki in a multiwiki environment, to obtain sensitive information via unknown attack vectors. NOTE: Some of these details are obtained from third party information.

Vulnerabilidad no especificada en el plugin Multiwiki de XWiki versiones anteriores a 1.1 Enterprise RC2 permite a usuarios remotos autenticados, con acceso administrativo a un wiki en un entorno multiwiki, obtener informaciĆ³n confidencial mediante vectores de ataque desconocidos. NOTA: algunos de estos detalles se han obtenido de informaciĆ³n de terceros.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None
Attack Vector
Network
Attack Complexity
High
Authentication
Single
Confidentiality
Partial
Integrity
None
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2007-09-14 CVE Reserved
  • 2007-09-14 CVE Published
  • 2024-08-07 CVE Updated
  • 2025-03-18 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Xwiki
Search vendor "Xwiki"
 Xwiki
Search vendor "Xwiki" for product "Xwiki"
 <= 1.1_rc1
Search vendor "Xwiki" for product "Xwiki" and version " <= 1.1_rc1"
-
Affected