Filter
-Infinity
0
Trending
Software
XWiki JIRA ExtensionThe XWiki JIRA extension allows data leak through an XXE attack by using a fake JIRA server
7.7
EPSS
0.03%
First published (updated )
maven/org.xwiki.platform:xwiki-platform-security-authorization-apiXWiki uses the wrong wiki reference in AuthorizationManager
8.7
First published (updated )
XWiki PlatformXWiki allows unregistered users to access private pages information through REST endpoint
8.7
First published (updated )
XWiki PlatformThe WikiManager REST API allows any user to create wikis
7.9
First published (updated )
XWiki Confluence Migrator ProXWiki Confluence Migrator Pro's homepage is public
7.5
EPSS
0.05%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
XWiki CKEditor Integrationorg.xwiki.contrib:application-ckeditor-ui vulnerable to Remote Code Execution via Cross-Site Request Forgery
9.1
First published (updated )
maven/com.xwiki.confluencepro:application-confluence-migrator-pro-uiXWiki Confluence Migrator Pro allows Remote Code Execution via unescaped translations
9.1
EPSS
0.10%
First published (updated )
Xwikiorg.xwiki.platform:xwiki-platform-flamingo-theme-ui Eval Injection vulnerability
10
First published (updated )
XwikiTwo XWiki Platform UIs Expose Sensitive Information to an Unauthorized Actor
7.5
First published (updated )
XwikiXWiki Platform vulnerable to Remote Code Execution in Annotations
10
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
XwikiXWiki Platform vulnerable to privilege escalation via properties with wiki syntax that are executed with wrong author
10
First published (updated )
XwikiXWiki-Platform vulnerable to stored Cross-site Scripting via the HTML displayer in Live Data
8.9
First published (updated )
Xwikiorg.xwiki.platform:xwiki-platform-rendering-parser vulnerable to Improper Handling of Exceptional Conditions
6.5
First published (updated )
Xwikiorg.xwiki.platform:xwiki-platform-store-filesystem-oldcore has Exposed Dangerous Method or Function
8.1
First published (updated )
XwikiXWiki Platform allows unprivileged users to make arbitrary select queries using DatabaseListProperty and suggest.vm
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
XwikiXWiki Platform vulnerable to privilege escalation via async macro and IconThemeSheet from the user profile
10
First published (updated )
XwikiIn XWiki Platform, saving a document with a large object number leads to persistent OOM errors
7.5
First published (updated )
XwikiXWiki Platform allows macro execution as any user without programming rights through the context macro
5.4
First published (updated )
XWikiXWiki Commons may allow privilege escalation to programming rights via user's first name
10
First published (updated )
XwikiXWiki Platform users may execute anything with superadmin right through comments and async macro
10
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
XwikiImproper Neutralization of Directives in Dynamically Evaluated Code in org.xwiki.platform:xwiki-platform-panels-ui
10
First published (updated )
XwikiData leak through a XAR import XXE attack in xwiki-platform-xar-model
7.7
First published (updated )
maven/org.xwiki.platform:xwiki-platform-realtime-uiXWiki Platform CSRF remote code execution through the realtime HTML Converter API
9.7
EPSS
0.04%
First published (updated )
maven/org.xwiki.platform:xwiki-platform-search-solr-uiRemote code execution as guest via SolrSearchMacros request in xwiki
First published (updated )
maven/org.xwiki.platform:xwiki-platform-notifications-uiMissing checks for notification filter preferences editions in XWiki Platform
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/org.xwiki.platform:xwiki-platform-notifications-uiData leak of notification filters of users in XWiki Platform
5.3
First published (updated )
maven/org.xwiki.platform:xwiki-platform-livedata-macroorg.xwiki.platform:xwiki-platform-livedata-macro vulnerable to Cross-site Scripting
8.9
First published (updated )
maven/org.xwiki.platform:xwiki-platform-oldcoreorg.xwiki.platform:xwiki-platform-oldcore makes Incorrect Use of Privileged APIs with DocumentAuthors
9.1
First published (updated )
Xwikiorg.xwiki.commons:xwiki-commons-xml Cross-site Scripting vulnerability
9.1
First published (updated )
Xwikiorg.xwiki.platform:xwiki-platform-rendering-macro-rss Cross-site Scripting vulnerability
9.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.