Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xwiki xwiki vulnerabilities and exploits
(subscribe to this query)
8
CVSSv3
CVE-2023-45135
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In `org.xwiki.platform:xwiki-platform-web` versions 7.2-milestone-2 until 14.10.12 and `org.xwiki.platform:xwiki-platform-web-templates` prior to versions 14.10.12 and 15.5-rc...
Xwiki Xwiki
Xwiki Xwiki 7.2
9.6
CVSSv3
CVE-2023-45136
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. When document names are validated according to a name strategy (disabled by default), XWiki starting in version 12.0-rc-1 and prior to versions 12.10.12 and 15.5-rc-1 is vulne...
Xwiki Xwiki
Xwiki Xwiki 15.5
5.4
CVSSv3
CVE-2023-45137
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. `org.xwiki.platform:xwiki-platform-web` starting in version 3.1-milestone-2 and prior to version 13.4-rc-1, as well as `org.xwiki.platform:xwiki-platform-web-templates` prior ...
Xwiki Xwiki 3.1
Xwiki Xwiki
6.1
CVSSv3
CVE-2023-32068
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In versions before 14.10.4 it's possible to exploit well known parameters in XWiki URLs to perform redirection to untrusted site. This vulnerability was partially fixed i...
Xwiki Xwiki 15.0
Xwiki Xwiki
8.8
CVSSv3
CVE-2023-32069
XWiki Platform is a generic wiki platform. Starting in version 3.3-milestone-2 and prior to versions 14.10.4 and 15.0-rc-1, it's possible for a user to execute anything with the right of the author of the XWiki.ClassSheet document. This has been patched in XWiki 15.0-rc-1 an...
Xwiki Xwiki 3.3
Xwiki Xwiki
9
CVSSv3
CVE-2023-32071
XWiki Platform is a generic wiki platform. Starting in versions 2.2-milestone-1 and prior to versions 14.4.8, 14.10.4, and 15.0-rc-1, it's possible to execute javascript with the right of any user by leading him to a special URL on the wiki targeting a page which contains an...
Xwiki Xwiki 2.2
Xwiki Xwiki
8.1
CVSSv3
CVE-2022-41937
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. The application allows anyone with view access to modify any page of the wiki by importing a crafted XAR package. The problem has been patched in XWiki 14.6RC1, 14.6 and 13.10...
Xwiki Xwiki
Xwiki Xwiki 14.5
5.3
CVSSv3
CVE-2022-24819
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. A guest user without the right to view pages of the wiki can still list documents related to users of the wiki. The problem has been patched in XWiki versions 12.10.11, 13.4.4...
Xwiki Xwiki
Xwiki Xwiki 13.9
8.1
CVSSv3
CVE-2022-24821
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Simple users can create global SSX/JSX without specific rights: in theory only users with Programming Rights should be allowed to create SSX or JSX that are executed everywher...
Xwiki Xwiki
Xwiki Xwiki 13.10
5.4
CVSSv3
CVE-2023-26056
XWiki Platform is a generic wiki platform. Starting in version 3.0-milestone-1, it's possible to execute a script with the right of another user, provided the target user does not have programming right. The problem has been patched in XWiki 14.8-rc-1, 14.4.5, and 13.10.10. ...
Xwiki Xwiki
Xwiki Xwiki 3.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »