CVE-2026-40104 | xwiki org.xwiki.platform:xwiki-platform-oldcore up to 16.10.15/17.4.7/17.10.0 REST API Endpoint properties allocation of resources

A vulnerability has been found in xwiki org.xwiki.platform:xwiki-platform-oldcore and org.xwiki.platform:xwiki-platform-legacy-oldcore up to 16.10.15/17.4.7/17.10.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /xwiki/rest/wikis/xwiki/spaces/AnnotationCode/pages/AnnotationConfig/objects/AnnotationCode.AnnotationConfig/0/properties of the component REST API Endpoint. Performing a manipulation results in allocation of resources.

This vulnerability was named CVE-2026-40104. The attack may be initiated remotely. There is no available exploit.

The affected component should be upgraded.VulDB Recent EntriesRead More