Filter
AND
-Infinity
0
Trending
maven/org.xwiki.platform:xwiki-platform-notifications-uiMissing checks for notification filter preferences editions in XWiki Platform
6.5
First published (updated )
maven/org.xwiki.platform:xwiki-platform-notifications-uiData leak of notification filters of users in XWiki Platform
5.3
First published (updated )
XwikiUnauthenticated user can have information about hidden users on subwikis through uorgsuggest.vm
5.3
First published (updated )
XwikiURL Redirection to Untrusted Site ('Open Redirect') in org.xwiki.platform:xwiki-platform-oldcore
6.1
First published (updated )
Xwikiorg.xwiki.platform:xwiki-platform-security-authentication-default XSS with authenticated endpoints
6.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/com.xwiki.licensing:application-licensing-licensor-uiLicense information is public, exposing instance id and license holder details
5.3
EPSS
0.04%
First published (updated )
maven/org.xwiki.platform:xwiki-platform-web-templatesUsers can be created even when registration is disabled without validation via the template macro in xwiki-platform
First published (updated )
maven/org.xwiki.platform:xwiki-platform-localization-source-wikiPage render failure due to broken translations in xwiki-platform
6.5
First published (updated )
maven/org.xwiki.platform:xwiki-platform-scheduler-uiXWiki Platform CSRF in the job scheduler
5.4
EPSS
0.04%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
XwikiXWiki Platform vulnerable to Cross-site Scripting through attachment filename in uploader
6.4
First published (updated )
maven/org.xwiki.platform:xwiki-platform-oldcoreXWiki Platform: Password hash might be leaked by diff once the xobject holding them is deleted
6.8
EPSS
0.04%
First published (updated )
XwikiXWiki Platform's tags on non-viewable pages can be revealed to users
4.3
First published (updated )
maven/org.xwiki.platform:xwiki-platform-oldcoreVelocity execution without script rights in Xwiki platform
6.3
First published (updated )
maven/org.xwiki.platform:xwiki-platform-rest-serverXWiki Platform document history including authors of any page exposed to unauthorized actors
5.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/org.xwiki.platform:xwiki-platform-oldcoreorg.xwiki.platform:xwiki-platform-oldcore may leak data through deleted and re-created documents
6.5
First published (updated )
XwikiThe search functionality in XWiki 0.9.793 indexes cleartext user passwords, which allows remote atta…
First published (updated )
XwikiXWiki Platform vulnerable to document deletion and overwrite from edit
4.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
XWiki CryptpadThe pad management logic in XWiki labs CryptPad before 3.0.0 allows a remote attacker (who has acces…
6.5
First published (updated )
XwikiUsers with SCRIPT rights can execute arbitrary code in XWiki
6.6
First published (updated )
maven/org.xwiki.platform:xwiki-platform-tool-configuration-resourcesXSS by SVG upload in xwiki-platform
5.4
First published (updated )
XwikiThe reset password form reveal users email address
5.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
XwikiNo CSRF protection on the password change form
5.7
First published (updated )
XwikiA user without PR can reset user authentication failures information
5.5
First published (updated )
XwikiExposure of Sensitive Information to an Unauthorized Actor in org.xwiki.platform:xwiki-platform-livetable-ui
5.3
First published (updated )
XwikiMissing Authorization in User#setDisabledStatus in org.xwiki.platform:xwiki-platform-oldcore
4.9
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.