Filters
Versions
14.0
5
14.5
5
13.0
4
15.0
4
0.9.793
3
13.1
3
13.1-rc1
3
15.6
3
0.9.1252
2
0.9.543
2
0.9.790
2
0.9.840
2
1.0
2
13.9
2
14.0.0
2
14.4.3
2
14.4.4
2
6.0
2
1.0-b1
1
1.0-b2
1
1.1-rc1
1
1.3
1
1.3-rc1
1
1.8
1
10.7
1
11.6.1
1
11.7-rc1
1
12.0.0
1
12.10.11
1
12.10.2
1
12.10.5
1
12.10.6
1
12.7
1
13.0.0
1
13.10.4
1
13.10.8
1
13.2
1
13.3
1
13.4
1
13.4.0
1
13.4.4
1
13.6
1
13.7
1
14.10
1
14.10-rc1
1
14.10.8
1
14.2
1
14.4.0
1
14.4.5
1
14.6
1
14.7
1
15.0-rc1
1
15.6-rc1
1
15.7-rc1
1
16.0-rc-1
1
16.0.0
1
2.0-milestone2
1
2.3
1
2.4
1
3.0-milestone1
1
3.0-milestone2
1
3.0-milestone3
1
3.1
1
3.5
1
4.2
1
4.2-milestone-3
1
5.0-milestone1
1
5.0.1
1
6.0-rc1
1
7.2
1
8.3-rc1
1
8.4
1
9.4-rc1
1
maven/org.xwiki.platform:xwiki-platform-rest-serverXWiki Platform document history including authors of any page exposed to unauthorized actors
5.3
First published (updated )
Xwiki XwikiXWiki Platform vulnerable to Cross-site Scripting through attachment filename in uploader
6.4
First published (updated )
Xwiki XwikiXWiki Platform vulnerable to document deletion and overwrite from edit
4.3
First published (updated )
Xwiki XwikiXWiki Platform Solr search discloses email addresses of users
5.3
First published (updated )
Xwiki Xwikiorg.xwiki.platform:xwiki-platform-oldcore may leak data through deleted and re-created documents
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Xwiki XwikiVelocity execution without script rights in Xwiki platform
6.3
First published (updated )
maven/org.xwiki.platform:xwiki-platform-livetable-uiXWiki Platform's obfuscated email addresses should not be sorted
4.3
First published (updated )
Xwiki XwikiCVE-2023-34464
First published (updated )
Xwiki XwikiURL Redirection to Untrusted Site in XWiki
6.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Xwiki XwikiUsers can be created even when registration is disabled without validation via the template macro in xwiki-platform
First published (updated )
Xwiki XwikiPage render failure due to broken translations in xwiki-platform
6.5
First published (updated )
Xwiki Xwikiorg.xwiki.platform:xwiki-platform-security-authentication-default XSS with authenticated endpoints
6.1
First published (updated )
Xwiki XwikiXWiki Commons are technical libraries common to several other top level XWiki projects. It is possib…
6.1
First published (updated )
Xwiki XwikiCVE-2023-29203
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Xwiki XwikiXWiki Platform is a generic wiki platform. Starting in version 3.0-milestone-1, it's possible to exe…
5.4
First published (updated )
Xwiki XwikiXWiki Platform allows unprivileged users to make arbitrary select queries using DatabaseListProperty and suggest.vm
6.5
First published (updated )
Xwiki Xwikiorg.xwiki.platform:xwiki-platform-rendering-parser vulnerable to Improper Handling of Exceptional Conditions
6.5
First published (updated )
Xwiki XwikiExposure of Sensitive Information to an Unauthorized Actor in org.xwiki.platform:xwiki-platform-livetable-ui
5.3
First published (updated )
Xwiki XwikiMissing Authorization in User#setDisabledStatus in org.xwiki.platform:xwiki-platform-oldcore
4.9
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Xwiki XwikiPlaintext storage of password in org.xwiki.platform:xwiki-platform-security-authentication-default
6.5
First published (updated )
Xwiki XwikiXWiki Cross-Site Request Forgery (CSRF) for actions on tags
4.3
First published (updated )
Xwiki XwikiUnauthenticated user can list hidden document from multiple velocity templates
5.3
First published (updated )
Xwiki XwikiUnauthenticated user can retrieve the list of users through uorgsuggest.vm
5.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Xwiki XwikiPath traversal in xwiki-platform-skin-skinx
6.8
First published (updated )
Xwiki XwikiPartial authorization bypass on document save in xwiki-platform
5.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/org.xwiki.platform:xwiki-platform-tool-configuration-resourcesXSS by SVG upload in xwiki-platform
5.4
First published (updated )
Xwiki XwikiThe reset password form reveal users email address
5.3
First published (updated )
Xwiki XwikiNo CSRF protection on the password change form
5.7
First published (updated )
Xwiki XwikiA user without PR can reset user authentication failures information
5.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Xwiki XwikiUsers with SCRIPT rights can execute arbitrary code in XWiki
6.6
First published (updated )
Xwiki XwikiCross-site scripting (XSS) vulnerability in XWiki Enterprise before 2.5 allows remote attackers to i…
4.3
First published (updated )
Xwiki XwikiPreviewAction in XWiki 0.9.543 through 0.9.1252 does not set the Author field to the identity of the…
6.5
First published (updated )
Xwiki XwikiThe search functionality in XWiki 0.9.793 indexes cleartext user passwords, which allows remote atta…
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.