Filter
-Infinity
0
Trending
XwikiImproper Neutralization of Directives in Dynamically Evaluated Code in org.xwiki.platform:xwiki-platform-panels-ui
10
First published (updated )
XwikiData leak through a XAR import XXE attack in xwiki-platform-xar-model
7.7
First published (updated )
maven/org.xwiki.platform:xwiki-platform-realtime-uiXWiki Platform CSRF remote code execution through the realtime HTML Converter API
9.7
EPSS
0.04%
First published (updated )
maven/org.xwiki.platform:xwiki-platform-search-solr-uiRemote code execution as guest via SolrSearchMacros request in xwiki
9.8
EPSS
0.06%
First published (updated )
maven/org.xwiki.platform:xwiki-platform-notifications-uiMissing checks for notification filter preferences editions in XWiki Platform
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/org.xwiki.platform:xwiki-platform-notifications-uiData leak of notification filters of users in XWiki Platform
5.3
First published (updated )
maven/org.xwiki.platform:xwiki-platform-livedata-macroorg.xwiki.platform:xwiki-platform-livedata-macro vulnerable to Cross-site Scripting
8.9
First published (updated )
maven/org.xwiki.platform:xwiki-platform-oldcoreorg.xwiki.platform:xwiki-platform-oldcore makes Incorrect Use of Privileged APIs with DocumentAuthors
9.1
First published (updated )
Xwikiorg.xwiki.commons:xwiki-commons-xml Cross-site Scripting vulnerability
9.1
First published (updated )
Xwikiorg.xwiki.platform:xwiki-platform-rendering-macro-rss Cross-site Scripting vulnerability
9.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
XwikiUnauthenticated user can have information about hidden users on subwikis through uorgsuggest.vm
5.3
First published (updated )
maven/org.xwiki.platform:xwiki-platform-vfs-uiCode injection from account/view through VFS Tree macro in xwiki-platform
8.8
First published (updated )
maven/org.xwiki.platform:xwiki-platform-administration-uiCode injection via unescaped translations in xwiki-platform
10
First published (updated )
maven/org.xwiki.platform:xwiki-platform-xclass-uiCode injection from view right on XWiki.ClassSheet in xwiki-platform
9.9
First published (updated )
Xwikiorg.xwiki.platform:xwiki-platform-rendering-xwiki vulnerable to stored cross-site scripting via HTML and raw macro
10
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Xwikiorg.xwiki.platform:xwiki-platform-skin-skinx vulnerable to basic Cross-site Scripting by exploiting JSX or SSX plugins
9.1
First published (updated )
XwikiImproper Neutralization of Script-Related HTML Tags (XSS) in the LiveTable Macro
First published (updated )
XwikiURL Redirection to Untrusted Site ('Open Redirect') in org.xwiki.platform:xwiki-platform-oldcore
6.1
First published (updated )
Xwikiorg.xwiki.platform:xwiki-platform-legacy-notification-activitymacro Eval Injection vulnerability
10
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/org.xwiki.platform:xwiki-platform-flamingo-theme-uiorg.xwiki.platform:xwiki-platform-flamingo-theme-ui vulnerable to privilege escalation
9.9
First published (updated )
Xwikiorg.xwiki.platform:xwiki-platform-wiki-ui-mainwiki Eval Injection vulnerability
10
First published (updated )
Xwikiorg.xwiki.platform:xwiki-platform-flamingo-theme-ui Eval Injection vulnerability
10
First published (updated )
Xwikiorg.xwiki.platform:xwiki-platform-notifications-ui Eval Injection vulnerability
10
First published (updated )
Xwikixwiki.platform:xwiki-platform-panels-ui Eval Injection vulnerability
10
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Xwikiorg.xwiki.platform:xwiki-platform-panels-ui Eval Injection vulnerability
10
First published (updated )
Xwikiorg.xwiki.platform:xwiki-platform-security-authentication-default XSS with authenticated endpoints
6.1
First published (updated )
Xwikixwiki-platform-administration-ui vulnerable to privilege escalation
9.9
First published (updated )
maven/com.xwiki.licensing:application-licensing-licensor-uiLicense information is public, exposing instance id and license holder details
5.3
EPSS
0.04%
First published (updated )
XwikiDisabling a user account changes its author, allowing RCE from user account in XWiki
9.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.