Filter
-Infinity
0
Trending
maven/org.xwiki.platform:xwiki-platform-search-solr-uiRemote code execution as guest via SolrSearchMacros request in xwiki
9.8
EPSS
0.06%
First published (updated )
XwikiXWiki.org XWiki SolrSearchMacros text Command Injection Remote Code Execution Vulnerability
First published (updated )
XwikiZDI-24-1697: XWiki.org XWiki SolrSearchMacros text Command Injection Remote Code Execution Vulnerability
First published (updated )
XwikiXWiki Platform has an SQL injection in getdocuments.vm with sort parameter
9.8
First published (updated )
XWiki PDF Viewer Macromacro-pdfviewer's preview in WYSIWYG editor allows accessing any PDF document as the last author
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
XWiki PDF Viewer MacroThe PDF viewer macro allows accessing any attachment without access right checks
7.5
First published (updated )
XWiki PDF Viewer Macromacro-pdfviewer has a XSS through the width parameter
9.1
First published (updated )
maven/org.xwiki.platform:xwiki-platform-notifications-uiData leak of notification filters of users in XWiki Platform
5.3
First published (updated )
maven/org.xwiki.platform:xwiki-platform-notifications-uiMissing checks for notification filter preferences editions in XWiki Platform
6.5
First published (updated )
maven/org.xwiki.platform:xwiki-platform-rest-serverXWiki Platform document history including authors of any page exposed to unauthorized actors
5.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/org.xwiki.platform:xwiki-platform-oldcoreXWiki Platform allows XSS through XClass name in string properties
9.1
First published (updated )
maven/org.xwiki.platform:xwiki-platform-web-templatesIn XWiki Platform, payloads stored in content is executed when a user with script/programming right edit them
9.1
First published (updated )
XWiki Pro MacrosPro Macros Remote Code Execution via Viewpdf and similar macros
10
First published (updated )
maven/org.xwiki.platform:xwiki-platform-web-templatesXWiki Platform XSS through conflict resolution
9.1
First published (updated )
maven/org.xwiki.platform:xwiki-platform-search-uiXWiki Platform vulnerable to remote code execution from account via SearchSuggestConfigSheet
10
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
XwikiXWiki Platform vulnerable to Cross-site Scripting through attachment filename in uploader
6.4
First published (updated )
XwikiXWiki Platform vulnerable to document deletion and overwrite from edit
4.3
First published (updated )
maven/org.xwiki.platform:xwiki-platform-rendering-macro-includeXWiki programming rights may be inherited by inclusion
10
First published (updated )
XwikiDisabling a user account changes its author, allowing RCE from user account in XWiki
9.1
First published (updated )
maven/org.xwiki.platform:xwiki-platform-uiextension-apiXWiki Platform remote code execution from account through UIExtension parameters
10
EPSS
0.04%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/org.xwiki.commons:xwiki-commons-velocityXWiki Commons missing escaping of `{` in Velocity escapetool allows remote code execution
10
EPSS
0.04%
First published (updated )
maven/org.xwiki.platform:xwiki-platform-realtime-uiXWiki Platform CSRF remote code execution through the realtime HTML Converter API
9.7
EPSS
0.04%
First published (updated )
maven/org.xwiki.platform:xwiki-platform-oldcoreXWiki Platform remote code execution from account via custom skins support
10
EPSS
0.04%
First published (updated )
maven/org.xwiki.platform:xwiki-platform-scheduler-uiXWiki Platform CSRF remote code execution through scheduler job's document reference
9.1
EPSS
0.04%
First published (updated )
maven/org.xwiki.platform:xwiki-platform-scheduler-uiXWiki Platform CSRF in the job scheduler
5.4
EPSS
0.04%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
XwikiXWiki Platform: Remote code execution through space title and Solr space facet
10
EPSS
0.04%
First published (updated )
XwikiXWiki Platform: Remote code execution from edit in multilingual wikis via translations
10
EPSS
0.04%
First published (updated )
maven/org.xwiki.platform:xwiki-platform-search-uiXWiki Platform: Remote code execution as guest via DatabaseSearch
10
EPSS
0.04%
First published (updated )
maven/org.xwiki.platform:xwiki-platform-oldcoreXWiki Platform: Privilege escalation (PR) from user registration through PDFClass
10
EPSS
0.04%
First published (updated )
XwikiXWiki Platform: Remote code execution from account via SearchSuggestSourceSheet
10
EPSS
0.04%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.