{"vulnerability": "cve-2023-29208", "sightings": [{"uuid": "38cb4c69-05b4-4af0-8811-e829df247a93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29208", "type": "seen", "source": "https://t.me/cibsecurity/62233", "content": "\u203c CVE-2023-29208 \u203c\n\nXWiki Commons are technical libraries common to several other top level XWiki projects. Rights added to a document are not taken into account for viewing it once it's deleted. Note that this vulnerability only impact deleted documents that where containing view rights: the view rights provided on a space of a deleted document are properly checked. The problem has been patched in XWiki 14.10 by checking the rights of current user: only admin and deleter of the document are allowed to view it.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-15T20:26:47.000000Z"}]}