Filters
maven/org.xwiki.platform:xwiki-platform-oldcoreXWiki Platform allows XSS through XClass name in string properties
9.1
First published (updated )
maven/org.xwiki.platform:xwiki-platform-search-uiXWiki Platform vulnerable to remote code execution from account via SearchSuggestConfigSheet
10
First published (updated )
maven/org.xwiki.platform:xwiki-platform-administration-uiXWiki Remote Code Execution vulnerability via user registration
10
EPSS
0.58%
First published (updated )
Xwiki XwikiXWiki Platform remote code execution/programming rights with configuration section from any user account
10
First published (updated )
Xwiki XwikiXWiki Platform XSS/CSRF Remote Code Execution in XWiki.ConfigurableClass
9.6
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Xwiki XwikiXWiki Platform RCE from account through SearchAdmin
10
First published (updated )
Xwiki XwikiXWiki Platform sends cookies to external images in rendered diff and is vulnerable to server side request forgery
First published (updated )
Xwiki XwikiCode execution via the edit action in XWiki platform
10
First published (updated )
Xwiki XwikiPrivilege escalation in Xwiki platform
9.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/org.xwiki.platform:xwiki-platform-administration-uiRemote code execution through the section parameter in Administration as guest in XWiki Platform
10
First published (updated )
maven/org.xwiki.platform:xwiki-platform-flamingo-skin-resourcesReflected Cross-site scripting through revision parameter in content menu in XWiki Platform
9.6
First published (updated )
Xwiki XwikiXWiki Platform XSS with edit right in the create document form for existing pages
First published (updated )
Xwiki XwikiXWiki Platform web templates vulnerable to reflected XSS in the create document form if name validation is enabled
9.6
First published (updated )
Xwiki XwikiXWiki users can be tricked to execute scripts as the create page action doesn't display the page's title
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Xwiki Xwikiorg.xwiki.platform:xwiki-platform-office-importer vulnerable to arbitrary server side file writing from account through office converter
10
First published (updated )
Xwiki XwikiXWiki Platform's Groovy jobs check the wrong author, allowing remote code execution
First published (updated )
Xwiki XwikiXWiki Platform vulnerable to CSRF privilege escalation/RCE via the create action
9.1
First published (updated )
Xwiki XwikiXWiki Platform privilege escalation (PR) from account through AWM content fields
9.9
First published (updated )
Xwiki XwikiSXSS in the user profile via the timezone displayer
9.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Xwiki XwikiPrivilege escalation (PR)/RCE from account through Invitation subject/message
9.9
First published (updated )
Xwiki XwikiXWiki Platform vulnerable to cross-site request forgery (CSRF) via the REST API
9.6
First published (updated )
Xwiki XwikiXWiki Platform is a generic wiki platform offering runtime services for applications built on top of…
9.9
First published (updated )
Xwiki XwikiXWiki Platform is a generic wiki platform offering runtime services for applications built on top of…
9.9
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Xwiki XwikiXWiki Platform is a generic wiki platform offering runtime services for applications built on top of…
9.9
First published (updated )
Xwiki XwikiXWiki Platform vulnerable to reflected cross-site scripting via xredirect parameter in restore template
9.7
First published (updated )
Xwiki XwikiXWiki Platform vulnerable to reflected cross-site scripting via back and xcontinue parameters in resubmit template
9.6
First published (updated )
Xwiki XwikiXWiki Platform vulnerable to reflected cross-site scripting via xredirect parameter in deletespace template
9.6
First published (updated )
Xwiki XwikiXWiki Platform vulnerable to reflected cross-site scripting via xredirect parameter in delete template
9.6
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Xwiki XwikiXWiki Platform vulnerable to privilege escalation (PR) from account through like LiveTableResults
10
First published (updated )