CVE-2026-33137 | xwiki xwiki-platform up to 16.10.16/17.4.8/17.10.2/18.0.x API /wikis/ authorization

A vulnerability was found in xwiki xwiki-platform up to 16.10.16/17.4.8/17.10.2/18.0.x. It has been classified as critical. The impacted element is an unknown function of the file /wikis/ of the component API. The manipulation leads to missing authorization.

This vulnerability is listed as CVE-2026-33137. The attack may be initiated remotely. There is no available exploit.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More