XWiki Improper Handling of Insufficient Privileges Vulnerability - CVE-2024-21648

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. The rollback action is missing a right protection a user can rollback to a previous version of the page to gain rights they don39t have anymore. The problem has been patched in XWiki 14.10.17 15.5.3 and 15.8-rc-1 by ensuring that the rights are checked before performing the rollback.