Lädt...


🕵️ CVE-2023-26477 | XWiki prior 13.10.10/14.4.6/14.9-rc-1 Request Parameter newThemeName neutralization of directives (GHSA-x2qm-r4wx-8gpg)


Nachrichtenbereich: 🕵️ Sicherheitslücken
🔗 Quelle: vuldb.com

A vulnerability was found in XWiki and classified as critical. Affected by this issue is some unknown functionality of the component Request Parameter Handler. The manipulation of the argument newThemeName leads to improper neutralization of directives in dynamically evaluated code ('eval injection'). This vulnerability is handled as CVE-2023-26477. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component. ...

🕵️ CVE-2024-31984 | XWiki xwiki-platform-search-solr-ui Space Title neutralization of directives


📈 78.28 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2024-31982 | XWiki xwiki-platform-search-ui DatabaseSearch neutralization of directives


📈 78.28 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2024-31996 | XWiki xwiki-commons-velocity Escapetool neutralization of directives


📈 78.28 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2024-31988 | XWiki xwiki-platform-realtime-ui HTML Converter API cross-site request forgery


📈 43.68 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2024-31986 | XWiki xwiki-platform-scheduler-ui Scheduler Job cross-site request forgery


📈 43.68 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2024-31985 | XWiki xwiki-platform-scheduler-ui Job Scheduler cross-site request forgery


📈 43.68 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2022-38193 | ESRI Portal for ArcGIS up to 10.8.1 neutralization of directives


📈 40.7 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2020-6650 | UPS Companion Software up to 1.04 Eval neutralization of directives


📈 40.7 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2019-9507 | Vertiv Avocent UMG-4000 4.2.1.19 Code Syntax neutralization of directives


📈 40.7 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2024-27321 | Refuel Autolabel 0.0.8 CSV File neutralization of directives


📈 40.7 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2024-45848 | MindsDB up to 24.7.4.0 ChromaDB Integration neutralization of directives


📈 40.7 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2024-45847 | MindsDV up to 24.7.4.0 Integration Engine neutralization of directives


📈 40.7 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2022-41931 | XWiki Platform Icon UI neutralization


📈 38.77 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2022-41934 | XWiki Platform Menu UI neutralization


📈 38.77 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2022-41928 | XWiki Platform Attachment UI AttachmentSelector.xml neutralization


📈 38.77 Punkte
🕵️ Sicherheitslücken

🕵️ Medium CVE-2020-15171: Xwiki Xwiki


📈 38.73 Punkte
🕵️ Sicherheitslücken

🕵️ Medium CVE-2021-21380: Xwiki Xwiki


📈 38.73 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2024-31983 | XWiki xwiki-platform-localization-source-wiki Multilingual Wiki authorization


📈 38.73 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2024-31981 | XWiki xwiki-platform-oldcore PDFClass authorization


📈 38.73 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2024-31464 | XWiki xwiki-platform-oldcore information disclosure


📈 38.73 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2024-31987 | XWiki xwiki-platform-oldcore Custom Skins Support authorization


📈 38.73 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2024-31997 | XWiki xwiki-platform-uiextension-api UIExtension authorization


📈 38.73 Punkte
🕵️ Sicherheitslücken

matomo