Filter
-Infinity
0
Trending
Versions
15.0
59
14.0
46
14.5
40
15.6
27
15.0-rc1
13
13.0
12
14.10
11
14.4.0
9
14.10-rc1
8
1.0
7
14.0.0
7
14.4.4
7
16.0.0
7
2.3
7
14.4.3
6
15.1
6
15.1-rc1
6
15.6-rc1
6
3.1.1
6
13.1
5
13.5
5
14.6
5
15.7-rc1
5
0.9.793
4
1.8
4
12.0
4
12.7
4
13.9
4
3.0
4
3.0-milestone3
4
3.0.1
4
3.1-milestone2
4
0.9.1252
3
0.9.543
3
0.9.790
3
0.9.840
3
13.1-rc1
3
13.10
3
13.2
3
14.5.0
3
2.4
3
3.0-rc1
3
3.1-milestone1
3
3.2-milestone3
3
3.3
3
3.5
3
4.2
3
4.2-milestone3
3
5.0
3
6.3-milestone2
3
maven/org.xwiki.platform:xwiki-platform-rest-serverorg.xwiki.platform:xwiki-platform-rest-server allows SQL injection in query endpoint of REST API
9.8
EPSS
0.32%
First published (updated )
maven/org.xwiki.platform:xwiki-platform-oldcoreorg.xwiki.platform:xwiki-platform-oldcore allows SQL injection in short form select requests through the script query API
8.8
EPSS
0.05%
First published (updated )
maven/org.xwiki.platform:xwiki-platform-messagestreamXWiki allows unregistered users to see "public" messages from a closed wiki via notifications from a different wiki
4.7
EPSS
0.06%
First published (updated )
XwikiXWiki.org XWiki SolrSearchMacros text Command Injection Remote Code Execution Vulnerability
First published (updated )
XwikiZDI-24-1697: XWiki.org XWiki SolrSearchMacros text Command Injection Remote Code Execution Vulnerability
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/org.xwiki.platform:xwiki-platform-administration-uiXWiki allows RCE from script right in configurable sections
9.1
First published (updated )
maven/org.xwiki.platform:xwiki-platform-help-uiXWiki allows remote code execution from account through macro descriptions and XWiki.XWikiSyntaxMacrosList
10
First published (updated )
XwikiXWiki's scheduler in subwiki allows scheduling operations for any main wiki user
5.4
First published (updated )
XwikiXWiki Platform has an SQL injection in getdocuments.vm with sort parameter
9.8
First published (updated )
XwikiXWiki allows remote code execution through the extension sheet
10
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/org.xwiki.platform:xwiki-platform-notifications-uiData leak of notification filters of users in XWiki Platform
5.3
First published (updated )
maven/org.xwiki.platform:xwiki-platform-notifications-uiMissing checks for notification filter preferences editions in XWiki Platform
6.5
First published (updated )
maven/org.xwiki.platform:xwiki-platform-rest-serverXWiki Platform document history including authors of any page exposed to unauthorized actors
5.3
First published (updated )
maven/org.xwiki.platform:xwiki-platform-oldcoreXWiki Platform allows XSS through XClass name in string properties
9.1
First published (updated )
maven/org.xwiki.platform:xwiki-platform-web-templatesIn XWiki Platform, payloads stored in content is executed when a user with script/programming right edit them
9.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
XWikiPro Macros Remote Code Execution via Viewpdf and similar macros
10
First published (updated )
maven/org.xwiki.platform:xwiki-platform-web-templatesXWiki Platform XSS through conflict resolution
First published (updated )
maven/org.xwiki.platform:xwiki-platform-search-uiXWiki Platform vulnerable to remote code execution from account via SearchSuggestConfigSheet
10
First published (updated )
XwikiXWiki Platform vulnerable to Cross-site Scripting through attachment filename in uploader
6.4
First published (updated )
XwikiXWiki Platform vulnerable to document deletion and overwrite from edit
4.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/org.xwiki.platform:xwiki-platform-rendering-macro-includeXWiki programming rights may be inherited by inclusion
10
First published (updated )
XwikiDisabling a user account changes its author, allowing RCE from user account in XWiki
9.1
First published (updated )
maven/org.xwiki.platform:xwiki-platform-uiextension-apiXWiki Platform remote code execution from account through UIExtension parameters
10
EPSS
0.04%
First published (updated )
maven/org.xwiki.commons:xwiki-commons-velocityXWiki Commons missing escaping of `{` in Velocity escapetool allows remote code execution
10
EPSS
0.04%
First published (updated )
maven/org.xwiki.platform:xwiki-platform-realtime-uiXWiki Platform CSRF remote code execution through the realtime HTML Converter API
9.7
EPSS
0.04%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/org.xwiki.platform:xwiki-platform-oldcoreXWiki Platform remote code execution from account via custom skins support
10
EPSS
0.04%
First published (updated )
maven/org.xwiki.platform:xwiki-platform-scheduler-uiXWiki Platform CSRF remote code execution through scheduler job's document reference
9.1
EPSS
0.04%
First published (updated )
maven/org.xwiki.platform:xwiki-platform-scheduler-uiXWiki Platform CSRF in the job scheduler
5.4
EPSS
0.04%
First published (updated )
XwikiXWiki Platform: Remote code execution through space title and Solr space facet
10
EPSS
0.04%
First published (updated )
XwikiXWiki Platform: Remote code execution from edit in multilingual wikis via translations
10
EPSS
0.04%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.