Filter
AND
Versions
15.0
43
14.0
27
14.5
24
15.6
16
15.0-rc1
10
14.10
6
14.10-rc1
6
14.4.0
5
15.1
5
15.1-rc1
5
14.0.0
4
14.4.4
4
15.6-rc1
4
2.3
4
1.0
3
14.4.3
3
15.7-rc1
3
3.0
3
3.0.1
3
3.1.1
3
1.7
2
1.8
2
12.0
2
14.0-rc1
2
14.5.0
2
14.6
2
14.8
2
15.2
2
15.2-rc1
2
15.3
2
15.3-rc1
2
2.2-milestone1
2
2.4-milestone2
2
2.5
2
2.5-milestone2
2
3.0-milestone3
2
3.0-milestone_2
2
3.0-rc1
2
3.1-milestone2
2
3.5
2
4.3-milestone2
2
4.3.1
2
6.2
2
6.2-milestone1
2
6.2-milestone2
2
6.2.1
2
6.3
2
6.3-milestone2
2
6.4
2
7.2
2
7.3
2
1.5
1
1.8-rc1
1
1.8-rc2
1
1.9
1
1.9-milestone2
1
10.11.1
1
10.9
1
11.10.1
1
11.10.2
1
11.6
1
11.6-rc1
1
11.8
1
11.8-milestone1
1
11.8.1
1
12.4
1
12.5
1
12.6.4
1
12.6.6
1
12.9
1
12.9-rc1
1
13.10
1
13.9
1
14.4.1
1
14.4.5
1
14.7
1
15.5-rc1
1
15.7
1
15.9
1
16.0
1
2.0
1
2.2.1
1
2.3-milestone1
1
2.4
1
3.0-milestone1
1
3.0-milestone2
1
3.1
1
3.1-milestone1
1
3.1-rc1
1
3.2-milestone3
1
3.3
1
3.3-milestone2
1
3.4
1
3.4-milestone-1
1
3.5-rc-1
1
4.1-milestone2
1
4.1.1
1
4.2
1
4.2-milestone3
1
4.3
1
4.3-rc1
1
4.5
1
5.0
1
5.0-milestone1
1
5.0-milestone2
1
5.1
1
5.2
1
5.2-milestone2
1
5.2-rc1
1
5.3
1
5.3-milestone2
1
5.4
1
5.4.4
1
6.0-milestone1
1
6.0-milestone2
1
6.0.1
1
6.1
1
6.1-milestone1
1
6.1-milestone2
1
6.1-rc1
1
6.2.4
1
6.3-milestone1
1
6.3-rc1
1
6.4-milestone2
1
6.4-milestone3
1
7.0
1
7.2-milestone2
1
7.2-milestone3
1
7.2-rc1
1
7.4.4
1
8.1
1
9.2
1
9.4
1
9.4-rc-1
1
9.6
1
9.7
1
maven/org.xwiki.platform:xwiki-platform-appwithinminutes-uiCode injection from account through AWM view sheet in xwiki platform
10
First published (updated )
maven/org.xwiki.platform:xwiki-platform-rendering-async-macroAsync and display macro allow displaying and interacting with any document in restricted mode
10
First published (updated )
maven/org.xwiki.platform:xwiki-platform-web-templatesCode injection in xwiki-platform-web-templates
9.9
First published (updated )
XWikiorg.xwiki.platform:xwiki-platform-logging-ui Injection vulnerability
First published (updated )
maven/org.xwiki.platform:xwiki-platform-attachment-uiCode injection from view right on XWiki.AttachmentSelector in xwiki-platform
9.9
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/org.xwiki.platform:xwiki-platform-distribution-warPrivilege escalation from view right on XWiki.Notifications.Code.LegacyNotificationAdministration in xwiki-platform
10
First published (updated )
maven/org.xwiki.platform:xwiki-platform-scheduler-uiCode injection from account through XWiki.SchedulerJobSheet in xwiki-platform
10
First published (updated )
maven/org.xwiki.platform:xwiki-platform-oldcoreCode injection in display method used in user profiles in xwiki-platform
10
First published (updated )
maven/org.xwiki.platform:xwiki-platform-invitation-uiCode injection from view right using Invitation.InvitationCommon in xwiki-platform
9.9
First published (updated )
maven/org.xwiki.platform:xwiki-platform-attachment-uiCode injection in org.xwiki.platform:xwiki-platform-attachment-ui
9.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/org.xwiki.platform:xwiki-platform-administration-uiCode injection in template provider administration in xwiki-platform
10
First published (updated )
maven/org.xwiki.commons:xwiki-commons-xmlImproper Neutralization of Invalid Characters in Data Attribute Names in org.xwiki.commons:xwiki-commons-xml
9.6
First published (updated )
XWikiXWiki Platform privilege escalation (PR)/RCE from account through class sheet
10
First published (updated )
XWikiXWiki Platform vulnerable to RXSS via editor parameter - importinline template
First published (updated )
maven/org.xwiki.platform:xwiki-platform-annotation-coreImproper Neutralization of Script in Attributes in XWiki (X)HTML renderers
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
XWikiorg.xwiki.platform:xwiki-platform-user-profile-ui missing authorization to enable or disable users
9.1
First published (updated )
XWikiXWiki Platform: Remote code execution through space title and Solr space facet
10
EPSS
0.04%
First published (updated )
maven/org.xwiki.platform:xwiki-platform-search-uiXWiki Platform: Remote code execution as guest via DatabaseSearch
10
EPSS
0.04%
First published (updated )
maven/org.xwiki.platform:xwiki-platform-oldcoreXWiki Platform: Privilege escalation (PR) from user registration through PDFClass
10
EPSS
0.04%
First published (updated )
XWikiXWiki Platform: Remote code execution from edit in multilingual wikis via translations
10
EPSS
0.04%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/org.xwiki.platform:xwiki-platform-scheduler-uiXWiki Platform CSRF remote code execution through scheduler job's document reference
9.1
EPSS
0.04%
First published (updated )
maven/org.xwiki.platform:xwiki-platform-oldcoreXWiki Platform remote code execution from account via custom skins support
10
EPSS
0.04%
First published (updated )
XWikiXWiki Platform has an SQL injection in getdocuments.vm with sort parameter
9.8
First published (updated )
maven/org.xwiki.commons:xwiki-commons-velocityXWiki Commons missing escaping of `{` in Velocity escapetool allows remote code execution
10
EPSS
0.04%
First published (updated )
maven/org.xwiki.platform:xwiki-platform-uiextension-apiXWiki Platform remote code execution from account through UIExtension parameters
10
EPSS
0.04%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
XWikiXWiki Platform: Remote code execution from account via SearchSuggestSourceSheet
10
EPSS
0.04%
First published (updated )
maven/org.xwiki.platform:xwiki-platform-realtime-uiXWiki Platform CSRF remote code execution through the realtime HTML Converter API
9.7
EPSS
0.04%
First published (updated )
maven/org.xwiki.platform:xwiki-platform-help-uiPrivilege escalation (PR) from account through TipsPanel
10
First published (updated )
XWikiXWiki vulnerable to stored cross-site scripting via any wiki document and the displaycontent/rendercontent template
9.1
First published (updated )
XWikiPersistent Cross-site Scripting (XSS) through CKEditor Configuration pages in XWiki Platform
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.