Filter
AND
maven/org.xwiki.platform:xwiki-platform-oldcoreXWiki Platform allows XSS through XClass name in string properties
9.1
First published (updated )
maven/org.xwiki.platform:xwiki-platform-search-uiXWiki Platform vulnerable to remote code execution from account via SearchSuggestConfigSheet
10
First published (updated )
XWikiXWiki Platform vulnerable to Cross-site Scripting through attachment filename in uploader
6.4
First published (updated )
XWikiXWiki Platform vulnerable to document deletion and overwrite from edit
4.3
First published (updated )
maven/org.xwiki.platform:xwiki-platform-uiextension-apiXWiki Platform remote code execution from account through UIExtension parameters
10
EPSS
0.04%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/org.xwiki.commons:xwiki-commons-velocityXWiki Commons missing escaping of `{` in Velocity escapetool allows remote code execution
10
EPSS
0.04%
First published (updated )
maven/org.xwiki.platform:xwiki-platform-realtime-uiXWiki Platform CSRF remote code execution through the realtime HTML Converter API
9.7
EPSS
0.04%
First published (updated )
maven/org.xwiki.platform:xwiki-platform-oldcoreXWiki Platform remote code execution from account via custom skins support
10
EPSS
0.04%
First published (updated )
maven/org.xwiki.platform:xwiki-platform-scheduler-uiXWiki Platform CSRF remote code execution through scheduler job's document reference
9.1
EPSS
0.04%
First published (updated )
maven/org.xwiki.platform:xwiki-platform-scheduler-uiXWiki Platform CSRF in the job scheduler
5.4
EPSS
0.04%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
XWikiXWiki Platform: Remote code execution through space title and Solr space facet
10
EPSS
0.04%
First published (updated )
XWikiXWiki Platform: Remote code execution from edit in multilingual wikis via translations
10
EPSS
0.04%
First published (updated )
maven/org.xwiki.platform:xwiki-platform-search-uiXWiki Platform: Remote code execution as guest via DatabaseSearch
10
EPSS
0.04%
First published (updated )
maven/org.xwiki.platform:xwiki-platform-oldcoreXWiki Platform: Privilege escalation (PR) from user registration through PDFClass
10
EPSS
0.04%
First published (updated )
XWikiXWiki Platform: Remote code execution from account via SearchSuggestSourceSheet
10
EPSS
0.04%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/org.xwiki.platform:xwiki-platform-oldcoreXWiki Platform: Password hash might be leaked by diff once the xobject holding them is deleted
6.8
EPSS
0.04%
First published (updated )
maven/org.xwiki.platform:xwiki-platform-distribution-warXWiki Denial of Service attack through attachments
7.5
EPSS
0.05%
First published (updated )
XWikiXWiki has no right protection on rollback action
8.8
EPSS
0.06%
First published (updated )
maven/org.xwiki.platform:xwiki-platform-administration-uiXWiki Remote Code Execution vulnerability via user registration
10
EPSS
0.58%
First published (updated )
XWikiXWiki Platform remote code execution/programming rights with configuration section from any user account
10
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
XWikiXWiki Platform XSS/CSRF Remote Code Execution in XWiki.ConfigurableClass
9.6
First published (updated )
XWikiXWiki Platform RCE from account through SearchAdmin
10
First published (updated )
XWikiXWiki Platform Solr search discloses password hashes of all users
7.5
First published (updated )
XWikiXWiki Platform Solr search discloses email addresses of users
5.3
First published (updated )