Filter
-Infinity
0
Trending
Versions
15.0
58
14.0
46
14.5
39
15.6
27
15.0-rc1
12
13.0
11
14.10
11
14.4.0
9
14.10-rc1
8
14.0.0
7
14.4.4
7
1.0
6
14.4.3
6
15.6-rc1
6
2.3
6
13.1
5
15.1
5
15.1-rc1
5
15.7-rc1
5
3.1.1
5
0.9.793
4
12.0
4
12.7
4
13.5
4
13.9
4
14.6
4
3.0
4
3.0-milestone3
4
3.0.1
4
6.4
4
0.9.1252
3
0.9.543
3
0.9.790
3
0.9.840
3
1.8
3
13.1-rc1
3
13.10
3
13.2
3
14.5.0
3
2.4
3
3.0-rc1
3
3.1-milestone2
3
3.2-milestone3
3
3.5
3
5.0
3
6.3-milestone2
3
7.2
3
7.3
3
1.0-b1
2
1.0-b2
2
Xwikiorg.xwiki.platform:xwiki-platform-flamingo-theme-ui Eval Injection vulnerability
10
First published (updated )
XwikiTwo XWiki Platform UIs Expose Sensitive Information to an Unauthorized Actor
7.5
First published (updated )
XwikiXWiki Platform vulnerable to Remote Code Execution in Annotations
10
First published (updated )
XwikiXWiki Platform vulnerable to privilege escalation via properties with wiki syntax that are executed with wrong author
10
First published (updated )
XwikiXWiki-Platform vulnerable to stored Cross-site Scripting via the HTML displayer in Live Data
8.9
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Xwikiorg.xwiki.platform:xwiki-platform-rendering-parser vulnerable to Improper Handling of Exceptional Conditions
6.5
First published (updated )
Xwikiorg.xwiki.platform:xwiki-platform-store-filesystem-oldcore has Exposed Dangerous Method or Function
8.1
First published (updated )
XwikiXWiki Platform allows unprivileged users to make arbitrary select queries using DatabaseListProperty and suggest.vm
6.5
First published (updated )
XwikiXWiki Platform vulnerable to privilege escalation via async macro and IconThemeSheet from the user profile
10
First published (updated )
XwikiIn XWiki Platform, saving a document with a large object number leads to persistent OOM errors
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
XwikiXWiki Platform allows macro execution as any user without programming rights through the context macro
5.4
First published (updated )
XwikiXWiki Platform users may execute anything with superadmin right through comments and async macro
10
First published (updated )
XwikiImproper Neutralization of Directives in Dynamically Evaluated Code in org.xwiki.platform:xwiki-platform-panels-ui
10
First published (updated )
XwikiData leak through a XAR import XXE attack in xwiki-platform-xar-model
7.7
First published (updated )
maven/org.xwiki.platform:xwiki-platform-realtime-uiXWiki Platform CSRF remote code execution through the realtime HTML Converter API
9.7
EPSS
0.04%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/org.xwiki.platform:xwiki-platform-notifications-uiMissing checks for notification filter preferences editions in XWiki Platform
6.5
First published (updated )
maven/org.xwiki.platform:xwiki-platform-notifications-uiData leak of notification filters of users in XWiki Platform
5.3
First published (updated )
maven/org.xwiki.platform:xwiki-platform-livedata-macroorg.xwiki.platform:xwiki-platform-livedata-macro vulnerable to Cross-site Scripting
8.9
First published (updated )
maven/org.xwiki.platform:xwiki-platform-oldcoreorg.xwiki.platform:xwiki-platform-oldcore makes Incorrect Use of Privileged APIs with DocumentAuthors
9.1
First published (updated )
Xwikiorg.xwiki.commons:xwiki-commons-xml Cross-site Scripting vulnerability
9.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Xwikiorg.xwiki.platform:xwiki-platform-rendering-macro-rss Cross-site Scripting vulnerability
9.1
First published (updated )
XwikiUnauthenticated user can have information about hidden users on subwikis through uorgsuggest.vm
5.3
First published (updated )
maven/org.xwiki.platform:xwiki-platform-vfs-uiCode injection from account/view through VFS Tree macro in xwiki-platform
8.8
First published (updated )
maven/org.xwiki.platform:xwiki-platform-administration-uiCode injection via unescaped translations in xwiki-platform
10
First published (updated )
maven/org.xwiki.platform:xwiki-platform-xclass-uiCode injection from view right on XWiki.ClassSheet in xwiki-platform
9.9
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Xwikiorg.xwiki.platform:xwiki-platform-rendering-xwiki vulnerable to stored cross-site scripting via HTML and raw macro
10
First published (updated )
Xwikiorg.xwiki.platform:xwiki-platform-skin-skinx vulnerable to basic Cross-site Scripting by exploiting JSX or SSX plugins
9.1
First published (updated )
XwikiImproper Neutralization of Script-Related HTML Tags (XSS) in the LiveTable Macro
First published (updated )
XwikiURL Redirection to Untrusted Site ('Open Redirect') in org.xwiki.platform:xwiki-platform-oldcore
6.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.