CVE-2005-4862
XWiki 0.9.793 - Unauthenticated Sensitive Information Exposure via Search Functionality
Title source: llmDescription
The search functionality in XWiki 0.9.793 indexes cleartext user passwords, which allows remote attackers to obtain sensitive information via a search string that matches a password.
References (1)
Core 1
Core References
Various Sources x_refsource_confirm
http://jira.xwiki.org/jira/browse/XWIKI-70
Scores
EPSS
0.0008
EPSS Percentile
24.3%
Details
CWE
CWE-255
Status
published
Products (1)
xwiki/xwiki
0.9.793
Published
Dec 31, 2005
Tracked Since
Feb 18, 2026