Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xwiki xwiki 3.0 vulnerabilities and exploits
(subscribe to this query)
9
CVSSv3
CVE-2023-45134
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. `org.xwiki.platform:xwiki-platform-web` starting in version 3.1-milestone-1 and before 13.4-rc-1, `org.xwiki.platform:xwiki-platform-web-templates` prior to versions 14.10.2 a...
Xwiki Xwiki 3.0
Xwiki Xwiki 3.1
Xwiki Xwiki 2.5
Xwiki Xwiki 2.4
Xwiki Xwiki
Xwiki Xwiki 3.0.1
8.8
CVSSv3
CVE-2021-32621
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In versions before 12.6.7 and 12.10.3, a user without Script or Programming right is able to execute script requiring privileges by editing gadget titles in the dashboard. The...
Xwiki Xwiki 3.0
Xwiki Xwiki
6.1
CVSSv3
CVE-2023-32070
XWiki Platform is a generic wiki platform. Prior to version 14.6-rc-1, HTML rendering didn't check for dangerous attributes/attribute values. This allowed cross-site scripting (XSS) attacks via attributes and link URLs, e.g., supported in XWiki syntax. This has been patched ...
Xwiki Xwiki
Xwiki Rendering 3.0
5.4
CVSSv3
CVE-2023-29206
XWiki Commons are technical libraries common to several other top level XWiki projects. There was no check in the author of a JavaScript xobject or StyleSheet xobject added in a XWiki document, so until now it was possible for a user having only Edit Right to create such object a...
Xwiki Xwiki 3.0
Xwiki Xwiki
5.4
CVSSv3
CVE-2023-26056
XWiki Platform is a generic wiki platform. Starting in version 3.0-milestone-1, it's possible to execute a script with the right of another user, provided the target user does not have programming right. The problem has been patched in XWiki 14.8-rc-1, 14.4.5, and 13.10.10. ...
Xwiki Xwiki
Xwiki Xwiki 3.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started