Filter
AND
XWikiXWiki Platform has an SQL injection in getdocuments.vm with sort parameter
9.8
First published (updated )
XWikiXWiki Platform XSS with edit right in the create document form for existing pages
First published (updated )
maven/org.xwiki.platform:xwiki-platform-attachment-apiorg.xwiki.platform:xwiki-platform-attachment-api vulnerable to Missing Authorization on Attachment Move
8.1
First published (updated )
maven/org.xwiki.platform:xwiki-platform-office-viewerExposure of Sensitive Information to an Unauthorized Actor in org.xwiki.platform:xwiki-platform-office-viewer
7.5
First published (updated )
maven/org.xwiki.platform:xwiki-platform-attachment-uiCode injection from view right on XWiki.AttachmentSelector in xwiki-platform
9.9
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/org.xwiki.platform:xwiki-platform-appwithinminutes-uiCross-site scripting (XSS) in xwiki-platform
7.7
First published (updated )
maven/org.xwiki.platform:xwiki-platform-administration-uiCode injection in template provider administration in xwiki-platform
10
First published (updated )
maven/org.xwiki.platform:xwiki-platform-web-templatesCode injection in xwiki-platform-web-templates
9.9
First published (updated )
maven/org.xwiki.platform:xwiki-platform-vfs-uiCode injection from account/view through VFS Tree macro in xwiki-platform
8.8
First published (updated )
maven/org.xwiki.platform:xwiki-platform-localization-source-wikiPage render failure due to broken translations in xwiki-platform
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/org.xwiki.platform:xwiki-platform-attachment-uiCode injection in org.xwiki.platform:xwiki-platform-attachment-ui
9.1
First published (updated )
maven/org.xwiki.platform:xwiki-platform-invitation-uiCode injection from view right using Invitation.InvitationCommon in xwiki-platform
9.9
First published (updated )
maven/org.xwiki.platform:xwiki-platform-oldcoreCode injection in display method used in user profiles in xwiki-platform
10
First published (updated )
maven/org.xwiki.platform:xwiki-platform-rendering-async-macroAsync and display macro allow displaying and interacting with any document in restricted mode
10
First published (updated )
XWikixwiki.platform:xwiki-platform-panels-ui Eval Injection vulnerability
10
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
XWikixwiki-platform-administration-ui vulnerable to privilege escalation
9.9
First published (updated )
XWikiImproper Neutralization of Script-Related HTML Tags (XSS) in the LiveTable Macro
First published (updated )
maven/org.xwiki.platform:xwiki-platform-flamingo-theme-uiorg.xwiki.platform:xwiki-platform-flamingo-theme-ui vulnerable to privilege escalation
9.9
First published (updated )
XWikiorg.xwiki.platform:xwiki-platform-logging-ui Injection vulnerability
First published (updated )
XWikiData leak through a XAR import XXE attack in xwiki-platform-xar-model
7.7
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
XWikiImproper Neutralization of Directives in Dynamically Evaluated Code in org.xwiki.platform:xwiki-platform-panels-ui
10
First published (updated )
XWikiXWiki Platform is a generic wiki platform. Starting in version 3.0-milestone-1, it's possible to exe…
5.4
First published (updated )
XWikiXWiki Platform users may execute anything with superadmin right through comments and async macro
10
First published (updated )
XWikiXWiki Platform vulnerable to privilege escalation via async macro and IconThemeSheet from the user profile
10
First published (updated )
XWikiXWiki Platform allows unprivileged users to make arbitrary select queries using DatabaseListProperty and suggest.vm
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
XWikiXWiki Platform vulnerable to privilege escalation via properties with wiki syntax that are executed with wrong author
10
First published (updated )
XWikiXWiki Platform vulnerable to Remote Code Execution in Annotations
10
First published (updated )
XWikiTwo XWiki Platform UIs Expose Sensitive Information to an Unauthorized Actor
7.5
First published (updated )
XWikiorg.xwiki.platform:xwiki-platform-flamingo-theme-ui Eval Injection vulnerability
10
First published (updated )
XWikiorg.xwiki.platform:xwiki-platform-rendering-parser vulnerable to Improper Handling of Exceptional Conditions
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.