Filter
AND
-Infinity
0
Trending
Versions
14.0
14
14.5
9
13.0
7
15.0
6
13.5
4
14.10
4
12.7
3
15.6
3
1.1
2
12.0
2
12.10
2
13.1
2
13.10
2
14.4.0
2
3.2-milestone3
2
6.4
2
0.9.1252
1
0.9.543
1
0.9.790
1
0.9.793
1
0.9.840
1
1.0-b1
1
1.0-b2
1
1.1-milestone3
1
1.1-milestone4
1
1.1-rc1
1
1.3
1
1.6
1
11.3.7
1
11.4
1
11.6
1
12.0.0
1
12.10.10
1
12.10.3
1
12.7.1
1
12.8
1
13.10.1
1
13.10.2
1
13.4
1
13.4.0
1
13.4.2
1
13.4.6
1
13.5.0
1
13.6
1
14.0.0
1
14.10-rc1
1
14.3
1
14.4
1
14.4.3
1
14.4.4
1
maven/org.xwiki.platform:xwiki-platform-oldcoreorg.xwiki.platform:xwiki-platform-oldcore allows SQL injection in short form select requests through the script query API
8.8
EPSS
0.05%
First published (updated )
XwikiCross site scripting in registration template in xwiki-platform
7.4
First published (updated )
XwikiCross-site Scripting in XWiki Platform Wiki UI Main Wiki
7.4
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
XwikiCross-site Scripting in the Flamingo theme manager
7.4
First published (updated )
XwikiCross-site Scripting in Filter Stream Converter Application in XWiki Platform
7.4
First published (updated )
XwikiXWiki Platform Web Templates vulnerable to Missing Authorization and Exposure of Private Personal Information to an Unauthorized Actor
7.5
First published (updated )
XwikiXWiki Platform Old Core vulnerable to Authentication Bypass Using the Login Action
7.5
First published (updated )
XwikiXWiki Platform Web Templates vulnerable to Unauthorized User Registration Through the Distribution Wizard
8.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
XwikiExposure of Private Personal Information to an Unauthorized Actor in xwiki-platform-rest-server
7.5
First published (updated )
XwikiXWiki Platform vulnerable to Cross-Site Request Forgery (CSRF) allowing to delete or rename tags
7.4
First published (updated )
XwikiCreation of new database tables through login form on PostgreSQL
7.5
First published (updated )
XwikiIncorrect Use of Privileged APIs in org.xwiki.platform.skin.skinx
8.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
XwikiXWiki Platform Security Parent POM vulnerable to overwriting of security rules of a page with a final page having the same reference
7.1
First published (updated )
XwikiXWiki.WebHome vulnerable to Improper Privilege Management in XWiki resolving groups
8.8
First published (updated )
Xwikiorg.xwiki.platform:xwiki-platform-oldcore Improper Authorization check for inactive users
8.1
First published (updated )
XwikiXWiki Platform Attachment UI vulnerable to cross-site scripting in the move attachment form
8.9
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
XwikiTwo XWiki Platform UIs Expose Sensitive Information to an Unauthorized Actor
7.5
First published (updated )
XwikiXWiki-Platform vulnerable to stored Cross-site Scripting via the HTML displayer in Live Data
8.9
First published (updated )
Xwikiorg.xwiki.platform:xwiki-platform-store-filesystem-oldcore has Exposed Dangerous Method or Function
8.1
First published (updated )
XwikiIn XWiki Platform, saving a document with a large object number leads to persistent OOM errors
7.5
First published (updated )
XwikiData leak through a XAR import XXE attack in xwiki-platform-xar-model
7.7
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/org.xwiki.platform:xwiki-platform-livedata-macroorg.xwiki.platform:xwiki-platform-livedata-macro vulnerable to Cross-site Scripting
8.9
First published (updated )
maven/org.xwiki.platform:xwiki-platform-vfs-uiCode injection from account/view through VFS Tree macro in xwiki-platform
8.8
First published (updated )
maven/org.xwiki.platform:xwiki-platform-appwithinminutes-uiCross-site scripting (XSS) in xwiki-platform
7.7
First published (updated )
maven/org.xwiki.platform:xwiki-platform-office-viewerExposure of Sensitive Information to an Unauthorized Actor in org.xwiki.platform:xwiki-platform-office-viewer
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.