Filter
AND
Xwiki XwikiXWiki Platform XSS with edit right in the create document form for existing pages
First published (updated )
Xwiki Xwikiorg.xwiki.platform:xwiki-platform-attachment-api vulnerable to Missing Authorization on Attachment Move
8.1
First published (updated )
Xwiki XwikiExposure of Sensitive Information to an Unauthorized Actor in org.xwiki.platform:xwiki-platform-office-viewer
7.5
First published (updated )
Xwiki XwikiCode injection from view right on XWiki.AttachmentSelector in xwiki-platform
9.9
First published (updated )
Xwiki XwikiCross-site scripting (XSS) in xwiki-platform
7.7
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Xwiki XwikiCode injection in template provider administration in xwiki-platform
10
First published (updated )
Xwiki XwikiCode injection in xwiki-platform-web-templates
9.9
First published (updated )
Xwiki XwikiCode injection from account/view through VFS Tree macro in xwiki-platform
8.8
First published (updated )
Xwiki XwikiPage render failure due to broken translations in xwiki-platform
6.5
First published (updated )
Xwiki XwikiCode injection in org.xwiki.platform:xwiki-platform-attachment-ui
9.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Xwiki XwikiCode injection from view right using Invitation.InvitationCommon in xwiki-platform
9.9
First published (updated )
Xwiki XwikiCode injection in display method used in user profiles in xwiki-platform
10
First published (updated )
Xwiki XwikiAsync and display macro allow displaying and interacting with any document in restricted mode
10
First published (updated )
Xwiki Xwikixwiki-platform-administration-ui vulnerable to privilege escalation
9.9
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Xwiki Xwikiorg.xwiki.platform:xwiki-platform-flamingo-theme-ui vulnerable to privilege escalation
9.9
First published (updated )
Xwiki XwikiData leak through a XAR import XXE attack in xwiki-platform-xar-model
7.7
First published (updated )
Xwiki XwikiImproper Neutralization of Directives in Dynamically Evaluated Code in org.xwiki.platform:xwiki-platform-panels-ui
10
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Xwiki XwikiXWiki Platform is a generic wiki platform. Starting in version 3.0-milestone-1, it's possible to exe…
5.4
First published (updated )
Xwiki XwikiXWiki Platform users may execute anything with superadmin right through comments and async macro
10
First published (updated )
Xwiki XwikiXWiki Platform vulnerable to privilege escalation via async macro and IconThemeSheet from the user profile
10
First published (updated )
Xwiki XwikiXWiki Platform allows unprivileged users to make arbitrary select queries using DatabaseListProperty and suggest.vm
6.5
First published (updated )
Xwiki XwikiXWiki Platform vulnerable to privilege escalation via properties with wiki syntax that are executed with wrong author
10
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Xwiki XwikiXWiki Platform vulnerable to Remote Code Execution in Annotations
10
First published (updated )
Xwiki XwikiTwo XWiki Platform UIs Expose Sensitive Information to an Unauthorized Actor
7.5
First published (updated )
Xwiki Xwikiorg.xwiki.platform:xwiki-platform-flamingo-theme-ui Eval Injection vulnerability
10
First published (updated )
Xwiki Xwikiorg.xwiki.platform:xwiki-platform-rendering-parser vulnerable to Improper Handling of Exceptional Conditions
6.5
First published (updated )
Xwiki XwikiXWiki-Platform vulnerable to stored Cross-site Scripting via the HTML displayer in Live Data
8.9
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Xwiki XwikiMissing Authorization in XWiki Platform
9.6
First published (updated )
Xwiki XwikiExposure of Private Personal Information to an Unauthorized Actor in xwiki-platform-rest-server
7.5
First published (updated )
Xwiki XwikiXWiki Platform Applications Tag and XWiki Platform Tag UI vulnerable to Eval Injection
9.9
First published (updated )
Xwiki XwikiXWiki Platform Mentions UI vulnerable to Cross-site Scripting
First published (updated )
Xwiki XwikiXWiki Platform Wiki UI Main Wiki Eval Injection vulnerability
9.9
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Xwiki XwikiXWiki Platform Attachment UI vulnerable to cross-site scripting in the move attachment form
8.9
First published (updated )
Xwiki XwikiXWiki Platform vulnerable to Cross-site Scripting in the deleted attachments list
First published (updated )
Xwiki XwikiXWiki Cross-Site Request Forgery (CSRF) for actions on tags
4.3
First published (updated )
Xwiki XwikiXWiki Platform Web Parent POM vulnerable to XSS in the attachment history
First published (updated )
Xwiki XwikiXWiki Platform Web Templates vulnerable to Unauthorized User Registration Through the Distribution Wizard
8.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Xwiki XwikiXWiki Platform Old Core vulnerable to Authentication Bypass Using the Login Action
7.5
First published (updated )
Xwiki XwikiXWiki Platform Web Templates vulnerable to Missing Authorization and Exposure of Private Personal Information to an Unauthorized Actor
7.5
First published (updated )
Xwiki XwikiXWiki.WebHome vulnerable to Improper Privilege Management in XWiki resolving groups
8.8
First published (updated )
Xwiki XwikiCrypto script service uses hashing algorithm SHA1 with RSA for certificate signature in xwiki-platform
9.8
First published (updated )
Xwiki XwikiCross site scripting in registration template in xwiki-platform
7.4
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.