Filter
-Infinity
0
Trending
Versions
15.0
59
14.0
46
14.5
40
15.6
27
15.0-rc1
13
13.0
12
14.10
11
14.4.0
9
14.10-rc1
8
16.0.0
8
1.0
7
14.0.0
7
14.4.4
7
2.3
7
14.4.3
6
15.1
6
15.1-rc1
6
15.6-rc1
6
3.1.1
6
13.1
5
13.5
5
14.6
5
15.7-rc1
5
0.9.793
4
1.8
4
12.0
4
12.7
4
13.9
4
3.0
4
3.0-milestone3
4
3.0.1
4
3.1-milestone2
4
0.9.1252
3
0.9.543
3
0.9.790
3
0.9.840
3
13.1-rc1
3
13.10
3
13.2
3
14.5.0
3
2.4
3
3.0-rc1
3
3.1-milestone1
3
3.2-milestone3
3
3.3
3
3.5
3
4.2
3
4.2-milestone3
3
5.0
3
5.3-milestone2
3
XwikiXWiki Platform remote code execution/programming rights with configuration section from any user account
10
First published (updated )
XwikiRemote code execution as guest via SolrSearchMacros request in xwiki
First published (updated )
maven/org.xwiki.platform:xwiki-platform-rest-serverorg.xwiki.platform:xwiki-platform-rest-server allows SQL injection in query endpoint of REST API
9.8
EPSS
0.32%
First published (updated )
maven/org.xwiki.platform:xwiki-platform-help-uiXWiki allows remote code execution from account through macro descriptions and XWiki.XWikiSyntaxMacrosList
10
First published (updated )
XwikiXWiki allows remote code execution through the extension sheet
10
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/org.xwiki.platform:xwiki-platform-oldcoreorg.xwiki.platform:xwiki-platform-oldcore allows SQL injection in short form select requests through the script query API
8.8
EPSS
0.05%
First published (updated )
XwikiXWiki's scheduler in subwiki allows scheduling operations for any main wiki user
5.4
First published (updated )
maven/org.xwiki.platform:xwiki-platform-administration-uiXWiki allows RCE from script right in configurable sections
9.1
First published (updated )
maven/org.xwiki.platform:xwiki-platform-messagestreamXWiki allows unregistered users to see "public" messages from a closed wiki via notifications from a different wiki
4.7
EPSS
0.06%
First published (updated )
XwikiPartial authorization bypass on document save in xwiki-platform
5.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/org.xwiki.platform:xwiki-platform-oldcoreOpen Redirect in xwiki-platform
6.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
XwikiCross site scripting in registration template in xwiki-platform
7.4
First published (updated )
maven/org.xwiki.platform:xwiki-platform-cryptoCrypto script service uses hashing algorithm SHA1 with RSA for certificate signature in xwiki-platform
9.8
First published (updated )
XwikiCross-site Scripting in XWiki Platform Wiki UI Main Wiki
7.4
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
XwikiCross-site Scripting in the Flamingo theme manager
7.4
First published (updated )
XwikiCross-site Scripting in Filter Stream Converter Application in XWiki Platform
7.4
First published (updated )
XwikiXWiki Platform Web Templates vulnerable to Missing Authorization and Exposure of Private Personal Information to an Unauthorized Actor
7.5
First published (updated )
XwikiXWiki Platform Old Core vulnerable to Authentication Bypass Using the Login Action
7.5
First published (updated )
XwikiXWiki Platform Web Templates vulnerable to Unauthorized User Registration Through the Distribution Wizard
8.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
XwikiXWiki Cross-Site Request Forgery (CSRF) for actions on tags
4.3
First published (updated )
XwikiXWiki Platform vulnerable to Cross-site Scripting in the deleted attachments list
First published (updated )
XwikiExposure of Private Personal Information to an Unauthorized Actor in xwiki-platform-rest-server
7.5
First published (updated )
XwikiXWiki Platform vulnerable to Cross-Site Request Forgery (CSRF) allowing to delete or rename tags
7.4
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.