Filter
AND
-Infinity
0
Trending
XWiki JIRA ExtensionThe XWiki JIRA extension allows data leak through an XXE attack by using a fake JIRA server
7.7
EPSS
0.03%
First published (updated )
XWiki PlatformThe WikiManager REST API allows any user to create wikis
7.9
First published (updated )
XWiki PlatformXWiki allows unregistered users to access private pages information through REST endpoint
8.7
First published (updated )
maven/org.xwiki.platform:xwiki-platform-security-authorization-apiXWiki uses the wrong wiki reference in AuthorizationManager
8.7
First published (updated )
XWiki Confluence Migrator ProXWiki Confluence Migrator Pro's homepage is public
7.5
EPSS
0.05%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
XWiki PDF Viewer Macromacro-pdfviewer's preview in WYSIWYG editor allows accessing any PDF document as the last author
7.5
First published (updated )
XWiki PDF Viewer MacroThe PDF viewer macro allows accessing any attachment without access right checks
7.5
First published (updated )
XWiki PDF Viewer MacroThe PDF Viewer macro can be used to view PDF attachments with restricted access
7.7
EPSS
0.04%
First published (updated )
maven/org.xwiki.platform:xwiki-platform-distribution-warXWiki Denial of Service attack through attachments
7.5
EPSS
0.05%
First published (updated )
XwikiXWiki has no right protection on rollback action
8.8
EPSS
0.06%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/org.xwiki.platform:xwiki-platform-index-tree-macroVelocity execution without script right through tree macro
8.3
First published (updated )
XwikiXWiki Platform Solr search discloses password hashes of all users
7.5
First published (updated )
maven/org.xwiki.contrib.changerequest:application-changerequest-defaultData leak of password hash through xwiki change request
7.7
First published (updated )
maven/org.xwiki.contrib:xwiki-application-admintoolsXWiki Admin Tools Application CSRF with QueryOnXWiki allows arbitrary database queries
8.8
First published (updated )
XwikiXWiki exposed whole content of all documents of all wikis to anybody with view right on Solr suggest service
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
XWiki Application - CollaboraThe same file cannot be opened with different rights
7.4
First published (updated )
maven/org.xwiki.platform:xwiki-platform-attachment-apiorg.xwiki.platform:xwiki-platform-attachment-api vulnerable to Missing Authorization on Attachment Move
8.1
First published (updated )
XwikiXWiki Platform vulnerable to cross-site scripting in target parameter via share page by email
8.8
First published (updated )
maven/org.xwiki.platform:xwiki-platform-oldcoreXWiki Platform vulnerable to reflected cross-site scripting via delattachment action
8.4
First published (updated )
XwikiXWiki Platform may show email addresses in clear in REST results
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
XwikiXWiki Platform may retrieve email addresses of all users
7.5
First published (updated )
maven/org.xwiki.platform:xwiki-platform-office-viewerExposure of Sensitive Information to an Unauthorized Actor in org.xwiki.platform:xwiki-platform-office-viewer
7.5
First published (updated )
maven/org.xwiki.platform:xwiki-platform-appwithinminutes-uiCross-site scripting (XSS) in xwiki-platform
7.7
First published (updated )
maven/org.xwiki.platform:xwiki-platform-vfs-uiCode injection from account/view through VFS Tree macro in xwiki-platform
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/org.xwiki.platform:xwiki-platform-livedata-macroorg.xwiki.platform:xwiki-platform-livedata-macro vulnerable to Cross-site Scripting
8.9
First published (updated )
XwikiData leak through a XAR import XXE attack in xwiki-platform-xar-model
7.7
First published (updated )
XwikiIn XWiki Platform, saving a document with a large object number leads to persistent OOM errors
7.5
First published (updated )
XwikiTwo XWiki Platform UIs Expose Sensitive Information to an Unauthorized Actor
7.5
First published (updated )
Xwikiorg.xwiki.platform:xwiki-platform-store-filesystem-oldcore has Exposed Dangerous Method or Function
8.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.