Filter
AND
-Infinity
0
Trending
XwikiExposure of Private Personal Information to an Unauthorized Actor in xwiki-platform-rest-server
7.5
First published (updated )
Xwikiorg.xwiki.platform:xwiki-platform-flamingo-theme-ui Eval Injection vulnerability
10
First published (updated )
XwikiXWiki Platform vulnerable to Remote Code Execution in Annotations
10
First published (updated )
XwikiXWiki Platform vulnerable to privilege escalation via properties with wiki syntax that are executed with wrong author
10
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
XwikiXWiki-Platform vulnerable to stored Cross-site Scripting via the HTML displayer in Live Data
8.9
First published (updated )
Xwikiorg.xwiki.platform:xwiki-platform-rendering-parser vulnerable to Improper Handling of Exceptional Conditions
6.5
First published (updated )
Xwikiorg.xwiki.platform:xwiki-platform-store-filesystem-oldcore has Exposed Dangerous Method or Function
8.1
First published (updated )
XwikiXWiki Platform allows unprivileged users to make arbitrary select queries using DatabaseListProperty and suggest.vm
6.5
First published (updated )
XwikiXWiki Platform vulnerable to privilege escalation via async macro and IconThemeSheet from the user profile
10
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
XwikiXWiki Platform allows macro execution as any user without programming rights through the context macro
5.4
First published (updated )
XWikiXWiki Commons may allow privilege escalation to programming rights via user's first name
10
First published (updated )
XwikiXWiki Platform users may execute anything with superadmin right through comments and async macro
10
First published (updated )
XwikiImproper Neutralization of Directives in Dynamically Evaluated Code in org.xwiki.platform:xwiki-platform-panels-ui
10
First published (updated )
XwikiData leak through a XAR import XXE attack in xwiki-platform-xar-model
7.7
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Xwikiorg.xwiki.commons:xwiki-commons-xml Cross-site Scripting vulnerability
9.1
First published (updated )
Xwikiorg.xwiki.platform:xwiki-platform-rendering-macro-rss Cross-site Scripting vulnerability
9.1
First published (updated )
XwikiUnauthenticated user can have information about hidden users on subwikis through uorgsuggest.vm
5.3
First published (updated )
maven/org.xwiki.platform:xwiki-platform-vfs-uiCode injection from account/view through VFS Tree macro in xwiki-platform
8.8
First published (updated )
maven/org.xwiki.platform:xwiki-platform-xclass-uiCode injection from view right on XWiki.ClassSheet in xwiki-platform
9.9
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
XwikiImproper Neutralization of Script-Related HTML Tags (XSS) in the LiveTable Macro
First published (updated )
XwikiURL Redirection to Untrusted Site ('Open Redirect') in org.xwiki.platform:xwiki-platform-oldcore
6.1
First published (updated )
maven/org.xwiki.platform:xwiki-platform-flamingo-theme-uiorg.xwiki.platform:xwiki-platform-flamingo-theme-ui vulnerable to privilege escalation
9.9
First published (updated )
Xwikixwiki-platform-administration-ui vulnerable to privilege escalation
9.9
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/org.xwiki.platform:xwiki-platform-rendering-async-macroAsync and display macro allow displaying and interacting with any document in restricted mode
10
First published (updated )
maven/org.xwiki.platform:xwiki-platform-web-templatesCode injection in xwiki-platform-web-templates
9.9
First published (updated )
Xwikiorg.xwiki.platform:xwiki-platform-logging-ui Injection vulnerability
First published (updated )
maven/org.xwiki.platform:xwiki-platform-appwithinminutes-uiCross-site scripting (XSS) in xwiki-platform
7.7
First published (updated )
maven/org.xwiki.platform:xwiki-platform-attachment-uiCode injection from view right on XWiki.AttachmentSelector in xwiki-platform
9.9
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.