CVE-2026-40105 Scanner

CVE-2026-40105 Scanner - Cross-Site Scripting (XSS) vulnerability in XWiki

Short Info

Level: Medium
Scan type: Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 19 days 11 hours
Scan only one: URL

XWiki is a well-known open-source wiki software that is used for both personal and enterprise environments to create collaborative projects, documentation, and intranet sites. Developed and maintained by a large community, XWiki provides a high level of customization through its numerous extensions and plugins. Organizations across diverse sectors utilize XWiki to manage information, collaborate across teams, and create dynamic content management systems. It accommodates various functionalities like blog creation, task management, and knowledge base organization, making it a versatile platform. The software's flexibility allows users to configure it to meet specific organizational needs and integrate it with other applications effectively. Continuous development and innovation within the community ensure that XWiki remains a powerful and adaptable wiki solution.

The Cross-Site Scripting (XSS) vulnerability currently detected in XWiki is critical for environments with regular user interaction, because it allows attackers to execute arbitrary scripts in the context of a user's browser. The vulnerability affects the `viewer=changes` endpoint in XWiki and stems from improper sanitization of input parameters such as `rev2`. Its danger lies in the ability to impersonate users and gain unauthorized access to sensitive data or functions: attackers can steal session cookies, redirect users to malicious websites, and perform actions on behalf of the user. XSS vulnerabilities are particularly threatening in platforms like XWiki because of the potential for widespread data compromise and unauthorized access. Organizations using XWiki should patch this vulnerability promptly to maintain integrity and security.

In the case of XWiki's Cross-Site Scripting vulnerability, the technical details highlight that the `rev2` parameter lacks proper sanitization. This unsanitized parameter can be manipulated to inject malicious JavaScript code, which gets executed when the affected endpoint, `viewer=changes`, is accessed. The vulnerability is triggered through the GET request method and can be exploited with minimal user interaction, given the low complexity of the attack. This involves crafting a URL with a payload that includes the malicious script encapsulated within specific HTML tags such as `
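Defenders who cannot patch immediately can at least spot exploitation attempts in web server access logs. The following detection routine is an added example, not part of this page or of the scanner product; it assumes Apache/nginx combined-format logs and that a legitimate XWiki `rev2` value is a numeric revision id such as `2.1` (an assumption used here as an allowlist). The sample log lines are constructed.

```python
import re
from typing import Optional
from urllib.parse import urlparse, parse_qs, unquote_plus

# Assumption: legitimate XWiki revision ids look like "1.1", "12.3" (major.minor).
VALID_REV = re.compile(r"^\d+\.\d+$")
# Markup or script fragments that never belong in a revision id.
SUSPECT = re.compile(r"[<>\"']|javascript:|on\w+\s*=", re.IGNORECASE)
# Minimal combined-log parser: client IP, method, request path, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<path>\S+) \S+" (?P<status>\d{3})'
)


def inspect_request(path: str) -> Optional[dict]:
    """Return a finding if the request hits viewer=changes with a malformed rev2."""
    parsed = urlparse(path)
    params = parse_qs(parsed.query, keep_blank_values=True)  # decodes once
    if params.get("viewer", [""])[0] != "changes":
        return None
    findings = []
    for rev in params.get("rev2", []):
        decoded = unquote_plus(rev)  # second decode catches double-encoded values
        if VALID_REV.match(decoded):
            continue
        reason = "markup in rev2" if SUSPECT.search(decoded) else "non-numeric rev2"
        findings.append({"rev2": decoded, "reason": reason})
    return {"path": parsed.path, "findings": findings} if findings else None


def scan_log(lines):
    """Run inspect_request over each GET line and collect alerts with client context."""
    alerts = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m or m.group("method") != "GET":
            continue
        hit = inspect_request(m.group("path"))
        if hit:
            alerts.append({"ip": m.group("ip"), "status": m.group("status"), **hit})
    return alerts


# Constructed sample log lines (not real traffic).
SAMPLE_LOG = [
    '203.0.113.7 - - [01/May/2026:10:00:01 +0000] "GET /xwiki/bin/view/Main/WebHome?viewer=changes&rev1=1.1&rev2=2.1 HTTP/1.1" 200 5120',
    '203.0.113.9 - - [01/May/2026:10:00:05 +0000] "GET /xwiki/bin/view/Main/WebHome?viewer=changes&rev1=1.1&rev2=%3Cscript%3Ealert(1)%3C%2Fscript%3E HTTP/1.1" 200 6011',
    '203.0.113.9 - - [01/May/2026:10:00:09 +0000] "GET /xwiki/bin/view/Main/WebHome?viewer=changes&rev1=1.1&rev2=%253Cb%253E HTTP/1.1" 200 6011',
    '198.51.100.4 - - [01/May/2026:10:00:12 +0000] "GET /xwiki/bin/view/Main/WebHome?rev2=%3Cb%3E HTTP/1.1" 200 100',
    '198.51.100.5 - - [01/May/2026:10:00:15 +0000] "GET /xwiki/bin/view/Main/WebHome?viewer=changes&rev2=abc HTTP/1.1" 200 100',
]

if __name__ == "__main__":
    for alert in scan_log(SAMPLE_LOG):
        print(alert)
```

A 200 status on a flagged request means the server rendered the page for that input, which is what distinguishes a live, unpatched instance from one that rejects the parameter.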
