Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xwiki xwiki vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2012-1019
Multiple cross-site scripting (XSS) vulnerabilities in XWiki Enterprise 3.4 allow remote malicious users to inject arbitrary web script or HTML via the (1) XWiki.XWikiComments_comment parameter to xwiki/bin/commentadd/Main/WebHome, (2) XWiki.XWikiUsers_0_company parameter when ed...
Xwiki Xwiki Enterprise 3.4
383
VMScore
CVE-2010-4640
Multiple cross-site scripting (XSS) vulnerabilities in XWiki Watch 1.0 allow remote malicious users to inject arbitrary web script or HTML via the rev parameter to (1) bin/viewrev/Main/WebHome and (2) bin/view/Blog, and the (3) register_first_name and (4) register_last_name param...
Xwiki Xwiki Watch 1.0
383
VMScore
CVE-2010-4642
Cross-site scripting (XSS) vulnerability in XWiki Enterprise prior to 2.5 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Xwiki Xwiki 1.1
Xwiki Xwiki 1.0
Xwiki Xwiki 0.9.840
Xwiki Xwiki 0.9.793
Xwiki Xwiki 0.9.790
Xwiki Xwiki
Xwiki Xwiki 0.9.543
Xwiki Xwiki 0.9.1252
357
VMScore
CVE-2022-23621
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions any user with SCRIPT right can read any file located in the XWiki WAR (for example xwiki.cfg and xwiki.properties) through XWiki#invokeServletAndReturnAsS...
Xwiki Xwiki
357
VMScore
CVE-2022-23617
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions any user with edit right can copy the content of a page it does not have access to by using it as template of a new page. This issue has been patched in X...
Xwiki Xwiki
Xwiki Xwiki 13.0
Xwiki Xwiki 13.1
356
VMScore
CVE-2022-29253
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Starting with version 8.3-rc-1 and prior to versions 12.10.3 and 14.0, one can ask for any file located in the classloader using the template API and a path with ".."...
Xwiki Xwiki 8.3
Xwiki Xwiki
356
VMScore
CVE-2022-24898
org.xwiki.commons:xwiki-commons-xml is a common module used by other XWiki top level projects. Starting in version 2.7 and prior to versions 12.10.10, 13.4.4, and 13.8-rc-1, it is possible for a script to access any file accessing to the user running XWiki application server with...
Xwiki Commons
356
VMScore
CVE-2021-32620
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In versions before 11.10.13, 12.6.7, and 12.10.2, a user disabled on a wiki using email verification for registration canouldre-activate themself by using the activation link ...
Xwiki Xwiki
312
VMScore
CVE-2021-43841
XWiki is a generic wiki platform offering runtime services for applications built on top of it. When using default XWiki configuration, it's possible for an malicious user to upload an SVG containing a script executed when executing the download action on the file. This prob...
Xwiki Xwiki
312
VMScore
CVE-2021-21379
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions of XWiki Platform, the `{{wikimacrocontent}}` executes the content with the rights of the wiki macro author instead of the caller of that wiki macro. This...
Xwiki Xwiki
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »