Lucene search
K

4 matches found

OpenVAS
OpenVAS
added 2023/04/26 12:0 a.m.17 views

XWiki 13.9-rc-1 < 13.10.8, 14.x < 14.4.3, 14.5.x < 14.7 Information Disclosure Vulnerability (GHSA-vvp7-r422-rx83)

Xwiki is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki";...

5.3CVSS6.1AI score0.00693EPSS
Exploits1References1
OSV
OSV
added 2022/04/08 7:25 p.m.29 views

CVE-2022-24820 Unauthenticated user can list hidden document from multiple velocity templates

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. A guest user without the right to view pages of the wiki can still list documents by rendering some velocity documents. The problem has been patched in XWiki versions 12.10.11, 13.4.4, and...

5.3CVSS5.3AI score0.00985EPSS
Exploits1References4
Cvelist
Cvelist
added 2022/04/08 7:25 p.m.43 views

CVE-2022-24820 Unauthenticated user can list hidden document from multiple velocity templates

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. A guest user without the right to view pages of the wiki can still list documents by rendering some velocity documents. The problem has been patched in XWiki versions 12.10.11, 13.4.4, and...

5.3CVSS5.4AI score0.00985EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/04/08 12:0 a.m.7 views

PT-2022-16900 · Xwiki · Xwiki Platform

Name of the Vulnerable Software and Affected Versions: XWiki Platform versions prior to 12.10.11 XWiki Platform versions prior to 13.4.4 XWiki Platform versions prior to 13.9-rc-1 Description: A guest user without the right to view pages of the wiki can still list documents by rendering some...

5.3CVSS5.1AI score0.00985EPSS
Exploits1References8
Rows per page
Query Builder