Sergiu Dumitriu

#44727 of 53,633
5.8 Total CVSS
Vulnerabilities · 1
PT-2022-16131
5.8
2022-02-09
Unknown · Xwiki Platform · CVE-2022-23618
**Name of the Vulnerable Software and Affected Versions**

XWiki Platform versions prior to 12.10.7

XWiki Platform versions prior to 13.3RC1

**Description**

The XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions, there is no protection against URL redirection to untrusted sites; in particular, some well-known parameters (`xredirect`) can be used to perform URL redirections.

**Recommendations**

For XWiki Platform versions prior to 12.10.7, update to version 12.10.7 or later.

For XWiki Platform versions prior to 13.3RC1, update to version 13.3RC1 or later.

As a temporary workaround, consider restricting the use of the `xredirect` parameter to minimize the risk of exploitation.