Lädt...

🕵️ Medium CVE-2020-15171: Xwiki Xwiki


Nachrichtenbereich: 🕵️ Sicherheitslücken
🔗 Quelle: cxsecurity.com

In XWiki before versions 11.10.5 or 12.2.1, any user with SCRIPT right (EDIT right before XWiki 7.4) can gain access to the application server Servlet context which contains tools allowing to instantiate arbitrary Java objects and invoke methods that may lead to arbitrary code execution. The only workaround is to give SCRIPT right only to trusted users. ...

🕵️ Medium CVE-2021-21380: Xwiki Xwiki


📈 38.94 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2023-35150: Arbitrary Code Injection in XWiki.org XWiki


📈 33.39 Punkte
🕵️ Hacking

🕵️ CVE-2023-50732 | XWiki xwiki-platform-index-tree-macro authorization


📈 33.39 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2024-31984 | XWiki xwiki-platform-search-solr-ui Space Title neutralization of directives


📈 33.39 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2024-31983 | XWiki xwiki-platform-localization-source-wiki Multilingual Wiki authorization


📈 33.39 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2024-31982 | XWiki xwiki-platform-search-ui DatabaseSearch neutralization of directives


📈 33.39 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2024-31981 | XWiki xwiki-platform-oldcore PDFClass authorization


📈 33.39 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2024-31464 | XWiki xwiki-platform-oldcore information disclosure


📈 33.39 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2024-31996 | XWiki xwiki-commons-velocity Escapetool neutralization of directives


📈 33.39 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2024-31988 | XWiki xwiki-platform-realtime-ui HTML Converter API cross-site request forgery


📈 33.39 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2024-31987 | XWiki xwiki-platform-oldcore Custom Skins Support authorization


📈 33.39 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2024-31986 | XWiki xwiki-platform-scheduler-ui Scheduler Job cross-site request forgery


📈 33.39 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2024-31985 | XWiki xwiki-platform-scheduler-ui Job Scheduler cross-site request forgery


📈 33.39 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2024-31997 | XWiki xwiki-platform-uiextension-api UIExtension authorization


📈 33.39 Punkte
🕵️ Sicherheitslücken

🕵️ XWiki CryptPad bis 1.1.0 Cross Site Scripting [CVE-2017-1000051]


📈 17.25 Punkte
🕵️ Sicherheitslücken

🕵️ XWiki 1.1 Rc1 information disclosure [CVE-2007-4898]


📈 17.25 Punkte
🕵️ Sicherheitslücken

🕵️ XWiki CryptPad up to 1.1.0 cross site scripting [CVE-2017-1000051]


📈 17.25 Punkte
🕵️ Sicherheitslücken

🕵️ XWiki up to 12.6.2/12.7 cross site scripting [CVE-2021-29459]


📈 17.25 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2022-41932 | XWiki Platform Old Core Login Form resource consumption (GHSA-4x5r-6v26-7j4v)


📈 17.25 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2022-41931 | XWiki Platform Icon UI neutralization


📈 17.25 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2022-41933 | XWiki Platform cleartext storage


📈 17.25 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2022-41934 | XWiki Platform Menu UI neutralization


📈 17.25 Punkte
🕵️ Sicherheitslücken

matomo