Filter
-Infinity
0
Trending
maven/org.xwiki.platform:xwiki-platform-administration-uiXWiki Remote Code Execution vulnerability via user registration
10
EPSS
0.58%
First published (updated )
XwikiXWiki Platform: Remote code execution through space title and Solr space facet
10
EPSS
0.04%
First published (updated )
maven/org.xwiki.platform:xwiki-platform-search-uiXWiki Platform: Remote code execution as guest via DatabaseSearch
10
EPSS
0.04%
First published (updated )
XwikiXWiki Platform: Remote code execution from edit in multilingual wikis via translations
10
EPSS
0.04%
First published (updated )
maven/org.xwiki.platform:xwiki-platform-oldcoreXWiki Platform: Privilege escalation (PR) from user registration through PDFClass
10
EPSS
0.04%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/org.xwiki.commons:xwiki-commons-velocityXWiki Commons missing escaping of `{` in Velocity escapetool allows remote code execution
10
EPSS
0.04%
First published (updated )
maven/org.xwiki.platform:xwiki-platform-oldcoreXWiki Platform remote code execution from account via custom skins support
10
EPSS
0.04%
First published (updated )
XwikiXWiki Platform: Remote code execution from account via SearchSuggestSourceSheet
10
EPSS
0.04%
First published (updated )
maven/org.xwiki.platform:xwiki-platform-uiextension-apiXWiki Platform remote code execution from account through UIExtension parameters
10
EPSS
0.04%
First published (updated )
maven/org.xwiki.platform:xwiki-platform-rendering-macro-includeXWiki programming rights may be inherited by inclusion
10
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/org.xwiki.platform:xwiki-platform-search-uiXWiki Platform vulnerable to remote code execution from account via SearchSuggestConfigSheet
10
First published (updated )
XWiki Pro MacrosPro Macros Remote Code Execution via Viewpdf and similar macros
10
First published (updated )
maven/org.xwiki.contrib.changerequest:application-changerequest-uiChange Request Application vulnerable to XSS and remote code execution through change request title
10
First published (updated )
maven/com.xwiki.identity-oauth:identity-oauth-uiRemote code execution from login screen through unescaped URL parameter in OAuth Identity XWiki App
10
First published (updated )
maven/org.xwiki.platform:xwiki-platform-skin-uiImproper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') in org.xwiki.platform:xwiki-platform-skin-ui
10
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
XwikiXWiki Platform vulnerable to privilege escalation via async macro and IconThemeSheet from the user profile
10
First published (updated )
XwikiXWiki Platform vulnerable to privilege escalation via properties with wiki syntax that are executed with wrong author
10
First published (updated )
Xwikiorg.xwiki.platform:xwiki-platform-flamingo-theme-ui Eval Injection vulnerability
10
First published (updated )
XwikiXWiki Platform users may execute anything with superadmin right through comments and async macro
10
First published (updated )
XwikiXWiki Platform vulnerable to Remote Code Execution in Annotations
10
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
XwikiImproper Neutralization of Directives in Dynamically Evaluated Code in org.xwiki.platform:xwiki-platform-panels-ui
10
First published (updated )
Xwikixwiki.platform:xwiki-platform-panels-ui Eval Injection vulnerability
10
First published (updated )
Xwikiorg.xwiki.platform:xwiki-platform-panels-ui Eval Injection vulnerability
10
First published (updated )
Xwikiorg.xwiki.platform:xwiki-platform-flamingo-theme-ui Eval Injection vulnerability
10
First published (updated )
Xwikiorg.xwiki.platform:xwiki-platform-wiki-ui-mainwiki Eval Injection vulnerability
10
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Xwikiorg.xwiki.platform:xwiki-platform-rendering-xwiki vulnerable to stored cross-site scripting via HTML and raw macro
10
First published (updated )
Xwikiorg.xwiki.platform:xwiki-platform-legacy-notification-activitymacro Eval Injection vulnerability
10
First published (updated )
Xwikiorg.xwiki.platform:xwiki-platform-notifications-ui Eval Injection vulnerability
10
First published (updated )
maven/org.xwiki.platform:xwiki-platform-scheduler-uiCode injection from account through XWiki.SchedulerJobSheet in xwiki-platform
10
First published (updated )
maven/org.xwiki.platform:xwiki-platform-oldcoreCode injection in display method used in user profiles in xwiki-platform
10
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.