Filter
AND
Software
maven/org.xwiki.platform:xwiki-platform-search-solr-uiRemote code execution as guest via SolrSearchMacros request in xwiki
9.8
EPSS
0.04%
First published (updated )
maven/org.xwiki.platform:xwiki-platform-oldcoreorg.xwiki.platform:xwiki-platform-oldcore makes Incorrect Use of Privileged APIs with DocumentAuthors
9.1
First published (updated )
XWikiorg.xwiki.commons:xwiki-commons-xml Cross-site Scripting vulnerability
9.1
First published (updated )
XWikiorg.xwiki.platform:xwiki-platform-rendering-macro-rss Cross-site Scripting vulnerability
9.1
First published (updated )
maven/org.xwiki.platform:xwiki-platform-administration-uiCode injection via unescaped translations in xwiki-platform
10
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/org.xwiki.platform:xwiki-platform-xclass-uiCode injection from view right on XWiki.ClassSheet in xwiki-platform
9.9
First published (updated )
XWikiorg.xwiki.platform:xwiki-platform-rendering-xwiki vulnerable to stored cross-site scripting via HTML and raw macro
10
First published (updated )
XWikiorg.xwiki.platform:xwiki-platform-skin-skinx vulnerable to basic Cross-site Scripting by exploiting JSX or SSX plugins
9.1
First published (updated )
XWikiImproper Neutralization of Script-Related HTML Tags (XSS) in the LiveTable Macro
First published (updated )
XWikiorg.xwiki.platform:xwiki-platform-legacy-notification-activitymacro Eval Injection vulnerability
10
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/org.xwiki.platform:xwiki-platform-flamingo-theme-uiorg.xwiki.platform:xwiki-platform-flamingo-theme-ui vulnerable to privilege escalation
9.9
First published (updated )
XWikiorg.xwiki.platform:xwiki-platform-wiki-ui-mainwiki Eval Injection vulnerability
10
First published (updated )
XWikiorg.xwiki.platform:xwiki-platform-flamingo-theme-ui Eval Injection vulnerability
10
First published (updated )
XWikiorg.xwiki.platform:xwiki-platform-notifications-ui Eval Injection vulnerability
10
First published (updated )
XWikixwiki.platform:xwiki-platform-panels-ui Eval Injection vulnerability
10
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
XWikiorg.xwiki.platform:xwiki-platform-panels-ui Eval Injection vulnerability
10
First published (updated )
XWikixwiki-platform-administration-ui vulnerable to privilege escalation
9.9
First published (updated )
XWikiDisabling a user account changes its author, allowing RCE from user account in XWiki
9.1
First published (updated )
maven/org.xwiki.platform:xwiki-platform-appwithinminutes-uiCode injection from account through AWM view sheet in xwiki platform
10
First published (updated )
maven/org.xwiki.platform:xwiki-platform-rendering-async-macroAsync and display macro allow displaying and interacting with any document in restricted mode
10
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/org.xwiki.platform:xwiki-platform-web-templatesCode injection in xwiki-platform-web-templates
9.9
First published (updated )
XWikiorg.xwiki.platform:xwiki-platform-logging-ui Injection vulnerability
First published (updated )
maven/org.xwiki.platform:xwiki-platform-attachment-uiCode injection from view right on XWiki.AttachmentSelector in xwiki-platform
9.9
First published (updated )
maven/org.xwiki.platform:xwiki-platform-distribution-warPrivilege escalation from view right on XWiki.Notifications.Code.LegacyNotificationAdministration in xwiki-platform
10
First published (updated )
maven/org.xwiki.platform:xwiki-platform-scheduler-uiCode injection from account through XWiki.SchedulerJobSheet in xwiki-platform
10
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/org.xwiki.platform:xwiki-platform-oldcoreCode injection in display method used in user profiles in xwiki-platform
10
First published (updated )
maven/org.xwiki.platform:xwiki-platform-invitation-uiCode injection from view right using Invitation.InvitationCommon in xwiki-platform
9.9
First published (updated )
maven/org.xwiki.platform:xwiki-platform-attachment-uiCode injection in org.xwiki.platform:xwiki-platform-attachment-ui
9.1
First published (updated )
maven/org.xwiki.platform:xwiki-platform-administration-uiCode injection in template provider administration in xwiki-platform
10
First published (updated )
XWiki CommonsCross-site Scripting in org.xwiki.commons:xwiki-commons-xml
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.