Filters
Versions
15.0
31
14.0
26
14.5
24
15.0-rc1
10
14.10-rc1
6
15.6
6
15.1
5
15.1-rc1
5
14.10
4
14.4.0
4
15.6-rc1
4
2.3
4
1.0
3
14.0.0
3
14.4.4
3
15.7-rc1
3
3.0
3
1.7
2
1.8
2
12.0
2
14.0-rc1
2
14.4.3
2
14.5.0
2
14.6
2
15.2
2
15.2-rc1
2
15.3
2
15.3-rc1
2
2.2-milestone1
2
2.4-milestone2
2
2.5
2
2.5-milestone2
2
3.0-milestone3
2
3.0-milestone_2
2
3.0-rc1
2
3.1-milestone2
2
3.1.1
2
3.5
2
6.2
2
6.2-milestone1
2
6.2-milestone2
2
6.2.1
2
1.5
1
1.8-rc1
1
1.8-rc2
1
1.9
1
1.9-milestone2
1
10.11.1
1
11.10.1
1
11.10.2
1
11.6
1
11.6-rc1
1
11.8
1
12.5
1
12.6.4
1
12.6.6
1
12.9
1
12.9-rc1
1
13.10
1
14.4.1
1
14.4.5
1
14.8
1
15.5-rc1
1
15.7
1
15.9
1
16.0
1
2.0
1
2.3-milestone1
1
3.0-milestone1
1
3.0-milestone2
1
3.0.1
1
3.1
1
3.1-milestone1
1
3.1-rc1
1
3.2-milestone3
1
3.3
1
3.3-milestone2
1
3.4
1
3.4-milestone-1
1
3.5-rc-1
1
4.1-milestone2
1
4.1.1
1
4.2
1
4.2-milestone3
1
4.3-milestone2
1
4.3.1
1
4.5
1
5.0
1
5.0-milestone1
1
5.0-milestone2
1
5.1
1
5.3-milestone2
1
5.4
1
5.4.4
1
6.0-milestone1
1
6.0-milestone2
1
6.0.1
1
6.1
1
6.1-milestone1
1
6.1-milestone2
1
6.1-rc1
1
6.2.4
1
6.3
1
6.3-milestone1
1
6.3-milestone2
1
6.4-milestone2
1
6.4-milestone3
1
7.0
1
7.2
1
7.2-milestone2
1
7.2-milestone3
1
7.3
1
7.4.4
1
8.1
1
9.2
1
9.4
1
9.4-rc-1
1
9.6
1
9.7
1
maven/org.xwiki.platform:xwiki-platform-oldcoreXWiki Platform allows XSS through XClass name in string properties
9.1
First published (updated )
maven/org.xwiki.platform:xwiki-platform-web-templatesIn XWiki Platform, payloads stored in content is executed when a user with script/programming right edit them
9.1
First published (updated )
maven/org.xwiki.platform:xwiki-platform-web-templatesXWiki Platform XSS through conflict resolution
9.1
First published (updated )
maven/org.xwiki.platform:xwiki-platform-search-uiXWiki Platform vulnerable to remote code execution from account via SearchSuggestConfigSheet
10
First published (updated )
maven/org.xwiki.platform:xwiki-platform-rendering-macro-includeXWiki programming rights may be inherited by inclusion
10
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/org.xwiki.platform:xwiki-platform-administration-uiXWiki Remote Code Execution vulnerability via user registration
10
EPSS
0.58%
First published (updated )
Xwiki XwikiXWiki Platform remote code execution/programming rights with configuration section from any user account
10
First published (updated )
Xwiki XwikiXWiki Platform XSS/CSRF Remote Code Execution in XWiki.ConfigurableClass
9.6
First published (updated )
Xwiki XwikiXWiki Platform RCE from account through SearchAdmin
10
First published (updated )
Xwiki XwikiXWiki Platform sends cookies to external images in rendered diff and is vulnerable to server side request forgery
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Xwiki XwikiCode execution via the edit action in XWiki platform
10
First published (updated )
Xwiki XwikiPrivilege escalation in Xwiki platform
9.1
First published (updated )
maven/org.xwiki.platform:xwiki-platform-administration-uiRemote code execution through the section parameter in Administration as guest in XWiki Platform
10
First published (updated )
maven/org.xwiki.platform:xwiki-platform-flamingo-skin-resourcesReflected Cross-site scripting through revision parameter in content menu in XWiki Platform
9.6
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Xwiki XwikiXWiki Platform XSS with edit right in the create document form for existing pages
First published (updated )
Xwiki XwikiXWiki Platform web templates vulnerable to reflected XSS in the create document form if name validation is enabled
9.6
First published (updated )
Xwiki XwikiXWiki users can be tricked to execute scripts as the create page action doesn't display the page's title
First published (updated )
Xwiki XwikiXWiki Platform XSS vulnerability from account in the create page form via template provider
First published (updated )
Xwiki Xwikiorg.xwiki.platform:xwiki-platform-office-importer vulnerable to arbitrary server side file writing from account through office converter
10
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/org.xwiki.platform:xwiki-platform-menu-uiPrivilege escalation (PR)/remote code execution from account through Menu.UIExtensionSheet
10
First published (updated )
Xwiki XwikiXWiki Platform's Groovy jobs check the wrong author, allowing remote code execution
First published (updated )
Xwiki XwikiXWiki Platform vulnerable to CSRF privilege escalation/RCE via the create action
9.1
First published (updated )
Xwiki XwikiXWiki Platform privilege escalation (PR) from account through AWM content fields
9.9
First published (updated )
Xwiki XwikiSXSS in the user profile via the timezone displayer
9.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Xwiki XwikiPrivilege escalation (PR)/RCE from account through Invitation subject/message
9.9
First published (updated )
Xwiki XwikiImproper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') in org.xwiki.platform:xwiki-platform-skin-ui
10
First published (updated )
Xwiki XwikiXWiki Platform vulnerable to cross-site request forgery (CSRF) via the REST API
9.6
First published (updated )
Xwiki XwikiXWiki Platform is a generic wiki platform offering runtime services for applications built on top of…
9.9
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Xwiki XwikiXWiki Platform is a generic wiki platform offering runtime services for applications built on top of…
9.9
First published (updated )
Xwiki XwikiXWiki Platform is a generic wiki platform offering runtime services for applications built on top of…
9.9
First published (updated )
Xwiki XwikiXWiki Platform vulnerable to reflected cross-site scripting via xredirect parameter in restore template
9.7
First published (updated )
Xwiki XwikiXWiki Platform vulnerable to stored cross-site scripting in ClassEditSheet page via name parameters
9.1
First published (updated )
Xwiki XwikiXWiki Platform vulnerable to reflected cross-site scripting via xredirect parameter in DeleteApplication page
9.6
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Xwiki XwikiXWiki Platform vulnerable to reflected cross-site scripting via back and xcontinue parameters in resubmit template
9.6
First published (updated )
Xwiki XwikiXWiki Platform vulnerable to reflected cross-site scripting via xredirect parameter in deletespace template
9.6
First published (updated )
Xwiki XwikiXWiki Platform vulnerable to reflected cross-site scripting via xredirect parameter in delete template
9.6
First published (updated )
maven/org.xwiki.platform:xwiki-platform-help-uiPrivilege escalation (PR) from account through TipsPanel
10
First published (updated )
Xwiki XwikiXPlatform Wiki vulnerable to cross-site scripting via xcontinue parameter in preview actions template
9.6
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Xwiki XwikiXWiki Platform vulnerable to privilege escalation (PR) from account through like LiveTableResults
10
First published (updated )
Xwiki XwikiXWiki Platform vulnerable to privilege escalation (PR) from view right via Invitation application
9.9
First published (updated )
Xwiki RenderingImproper Neutralization of Script in Attributes in XWiki (X)HTML renderers
First published (updated )
Xwiki XwikiXWiki Platform vulnerable to RXSS via editor parameter - importinline template
First published (updated )
Xwiki XwikiXWiki Platform privilege escalation (PR)/RCE from account through class sheet
10
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Xwiki XwikiImproper Neutralization of Invalid Characters in Data Attribute Names in org.xwiki.commons:xwiki-commons-xml
9.6
First published (updated )
Xwiki XwikiCode injection from view right on XWiki.AttachmentSelector in xwiki-platform
9.9
First published (updated )
Xwiki XwikiCode injection in template provider administration in xwiki-platform
10
First published (updated )
Xwiki XwikiCode injection in xwiki-platform-web-templates
9.9
First published (updated )
Xwiki XwikiCode injection via unescaped translations in xwiki-platform
10
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.