Description
Wiki Server in Apple OS X Server before 4.1 allows remote attackers to bypass intended restrictions on Activity and People pages by connecting from an iPad client.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1032196
Vendor Advisory x_refsource_confirm
https://support.apple.com/HT204201
Vendor Advisory vendor-advisory
x_refsource_apple
http://lists.apple.com/archives/security-announce/2015/Apr/msg00006.html
Scores
EPSS
0.0186
EPSS Percentile
76.7%
Details
CWE
CWE-284
Status
published
Products (1)
apple/os_x_server
< 4.0
Published
Apr 28, 2015
Tracked Since
Feb 18, 2026