Filter
AND
maven/org.xwiki.platform:xwiki-platform-attachment-apiorg.xwiki.platform:xwiki-platform-attachment-api vulnerable to Missing Authorization on Attachment Move
8.1
First published (updated )
maven/org.xwiki.platform:xwiki-platform-skin-uiImproper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') in org.xwiki.platform:xwiki-platform-skin-ui
10
First published (updated )
maven/org.xwiki.platform:xwiki-platform-annotation-coreImproper Neutralization of Script in Attributes in XWiki (X)HTML renderers
First published (updated )
maven/org.xwiki.platform:xwiki-platform-office-viewerExposure of Sensitive Information to an Unauthorized Actor in org.xwiki.platform:xwiki-platform-office-viewer
7.5
First published (updated )
maven/org.xwiki.platform:xwiki-platform-attachment-uiCode injection from view right on XWiki.AttachmentSelector in xwiki-platform
9.9
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/org.xwiki.platform:xwiki-platform-appwithinminutes-uiCross-site scripting (XSS) in xwiki-platform
7.7
First published (updated )
maven/org.xwiki.platform:xwiki-platform-administration-uiCode injection in template provider administration in xwiki-platform
10
First published (updated )
maven/org.xwiki.platform:xwiki-platform-web-templatesCode injection in xwiki-platform-web-templates
9.9
First published (updated )
maven/org.xwiki.platform:xwiki-platform-xclass-uiCode injection from view right on XWiki.ClassSheet in xwiki-platform
9.9
First published (updated )
maven/org.xwiki.platform:xwiki-platform-vfs-uiCode injection from account/view through VFS Tree macro in xwiki-platform
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/org.xwiki.platform:xwiki-platform-localization-source-wikiPage render failure due to broken translations in xwiki-platform
6.5
First published (updated )
maven/org.xwiki.platform:xwiki-platform-attachment-uiCode injection in org.xwiki.platform:xwiki-platform-attachment-ui
9.1
First published (updated )
maven/org.xwiki.platform:xwiki-platform-invitation-uiCode injection from view right using Invitation.InvitationCommon in xwiki-platform
9.9
First published (updated )
maven/org.xwiki.platform:xwiki-platform-oldcoreCode injection in display method used in user profiles in xwiki-platform
10
First published (updated )
maven/org.xwiki.platform:xwiki-platform-distribution-warPrivilege escalation from view right on XWiki.Notifications.Code.LegacyNotificationAdministration in xwiki-platform
10
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/org.xwiki.platform:xwiki-platform-rendering-async-macroAsync and display macro allow displaying and interacting with any document in restricted mode
10
First published (updated )
XWikixwiki-platform-administration-ui vulnerable to privilege escalation
9.9
First published (updated )
XWikiImproper Neutralization of Script-Related HTML Tags (XSS) in the LiveTable Macro
First published (updated )
XWikiURL Redirection to Untrusted Site ('Open Redirect') in org.xwiki.platform:xwiki-platform-oldcore
6.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
XWikiUnauthenticated user can have information about hidden users on subwikis through uorgsuggest.vm
5.3
First published (updated )
XWikiorg.xwiki.platform:xwiki-platform-rendering-macro-rss Cross-site Scripting vulnerability
9.1
First published (updated )
XWikiorg.xwiki.commons:xwiki-commons-xml Cross-site Scripting vulnerability
9.1
First published (updated )
maven/org.xwiki.platform:xwiki-platform-flamingo-theme-uiorg.xwiki.platform:xwiki-platform-flamingo-theme-ui vulnerable to privilege escalation
9.9
First published (updated )
XWikiorg.xwiki.platform:xwiki-platform-logging-ui Injection vulnerability
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
XWikiData leak through a XAR import XXE attack in xwiki-platform-xar-model
7.7
First published (updated )
XWikiImproper Neutralization of Directives in Dynamically Evaluated Code in org.xwiki.platform:xwiki-platform-panels-ui
10
First published (updated )
XWikiXWiki Platform is a generic wiki platform. Starting in version 3.0-milestone-1, it's possible to exe…
5.4
First published (updated )
XWikiXWiki Platform users may execute anything with superadmin right through comments and async macro
10
First published (updated )
XWikiXWiki Platform vulnerable to privilege escalation via async macro and IconThemeSheet from the user profile
10
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.