CVE-2022-41928

🗓️ 23 Nov 2022 00:00:00Reported by GitHub_MType

cve🔗 web.nvd.nist.gov📰️ 3 Media mentions👁 62 Views

XWiki Platform CVE-2022-41928, 'Eval Injection' in AttachmentSelector.xm

Reporter	Title	Published	Views	Family All 11
CNNVD	XWiki Platform 安全漏洞	23 Nov 202200:00	–	cnnvd
Cvelist	CVE-2022-41928 XWiki Platform vulnerable to Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') in AttachmentSelector.xml	23 Nov 202200:00	–	cvelist
EUVD	EUVD-2022-7304	3 Oct 202520:07	–	euvd
Github Security Blog	Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') in AttachmentSelector.xml	21 Nov 202222:34	–	github
NVD	CVE-2022-41928	23 Nov 202219:15	–	nvd
OpenVAS	XWiki 5.0-milestone-1 < 13.10.7, 14.x < 14.4.2 Eval Injection Vulnerability (GHSA-9hqh-fmhg-vq2j)	24 Nov 202200:00	–	openvas
OSV	CVE-2022-41928 XWiki Platform vulnerable to Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') in AttachmentSelector.xml	23 Nov 202200:00	–	osv
OSV	GHSA-9HQH-FMHG-VQ2J Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') in AttachmentSelector.xml	21 Nov 202222:34	–	osv
Prion	Design/Logic Flaw	23 Nov 202219:15	–	prion
RedhatCVE	CVE-2022-41928	5 Feb 202523:40	–	redhatcve

NVD

Vulners

Node

xwiki xwikiRange5.0–13.10.7

xwiki xwikiRange14.0.0–14.4.2

xwiki xwikiMatch5.0milestone1

xwiki xwikiMatch5.0milestone2

xwiki xwikiMatch14.4.3

xwiki xwikiMatch14.4.4

[
  {
    "vendor": "xwiki",
    "product": "xwiki-platform",
    "versions": [
      {
        "version": ">= 5.0-milestone-1, < 13.10.7",
        "status": "affected"
      },
      {
        "version": ">= 14.0.0, < 14.4.2",
        "status": "affected"
      }
    ]
  }
]