Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xwiki xwiki 1.1 vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2023-36468
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. When an XWiki installation is upgraded and that upgrade contains a fix for a bug in a document, just a new version of that document is added. In some cases, it's still po...
Xwiki Xwiki 15.0
Xwiki Xwiki
Xwiki Xwiki 15.1
7.7
CVSSv3
CVE-2023-27480
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions any user with edit rights on a document can trigger an XAR import on a forged XAR file, leading to the ability to display the content of any file on the X...
Xwiki Xwiki
Xwiki Xwiki 1.1
8.1
CVSSv3
CVE-2022-36090
XWiki Platform Old Core is a core package for XWiki Platform, a generic wiki platform. Prior to versions 13.1.0.5 and 14.3-rc-1, some resources are missing a check for inactive (not yet activated or disabled) users in XWiki, including the REST service. This means a disabled user ...
Xwiki Xwiki
NA
CVE-2010-4641
SQL injection vulnerability in XWiki Enterprise prior to 2.5 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Xwiki Xwiki 1.0
Xwiki Xwiki 1.1
Xwiki Xwiki 0.9.840
Xwiki Xwiki 0.9.790
Xwiki Xwiki 0.9.793
Xwiki Xwiki 0.9.1252
Xwiki Xwiki 0.9.543
Xwiki Xwiki
NA
CVE-2010-4642
Cross-site scripting (XSS) vulnerability in XWiki Enterprise prior to 2.5 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Xwiki Xwiki 1.1
Xwiki Xwiki 1.0
Xwiki Xwiki 0.9.840
Xwiki Xwiki 0.9.793
Xwiki Xwiki 0.9.790
Xwiki Xwiki
Xwiki Xwiki 0.9.543
Xwiki Xwiki 0.9.1252
NA
CVE-2007-4898
Unspecified vulnerability in the Multiwiki plugin in XWiki prior to 1.1 Enterprise RC2 allows remote authenticated users, with administrative access to one wiki in a multiwiki environment, to obtain sensitive information via unknown attack vectors. NOTE: Some of these details are...
Xwiki Xwiki
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started