Lucene search
K

8 matches found

OpenVAS
OpenVAS
added 2023/11/16 12:0 a.m.15 views

XWiki 5.1-rc-1 < 14.10.8, 15.0-rc-1 < 15.3 Privilege Escalation Vulnerability (GHSA-v2rr-xw95-wcjx)

Xwiki is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki"; ifdescripti...

9.9CVSS7.3AI score0.01621EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2023/11/16 12:0 a.m.18 views

XWiki 9.4-rc-1 < 14.10.8, 15.0-rc-1 < 15.3 Information Disclosure Vulnerability (GHSA-gh64-qxh5-4m33)

Xwiki is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki";...

6.5CVSS6.6AI score0.00752EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2023/11/16 12:0 a.m.19 views

XWiki 3.5-milestone-1 < 14.10.9, 15.0 < 15.3 Information Disclosure Vulnerability (GHSA-g9w4-prf3-m25g)

Xwiki is prone to a information disclosure vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki";...

4.3CVSS5.9AI score0.00661EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2023/11/16 12:0 a.m.21 views

XWiki 3.5-milestone-1 < 14.10.8, 15.0-rc-1 < 15.3 XSS Vulnerability (GHSA-vcvr-v426-3m3m)

Xwiki is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki";...

9.9CVSS7.3AI score0.01076EPSS
Exploits1References1
Github Security Blog
Github Security Blog
added 2023/07/27 7:28 p.m.43 views

Obfuscated email addresses should not be sorted

Impact The mail obfuscation configuration was not fully taken into account and is was still possible by obfuscated emails. See https://jira.xwiki.org/browse/XWIKI-20601 for the reproduction steps. Patches This has been patched in XWiki 14.10.9, and XWiki 15.3-rc-1. Workarounds The workaround is t...

4.3CVSS6.8AI score0.00661EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2023/07/27 6:53 p.m.41 views

CVE-2023-38509 XWiki Platform's obfuscated email addresses should not be sorted

XWiki Platform is a generic wiki platform. In org.xwiki.platform:xwiki-platform-livetable-ui starting with version 3.5-milestone-1 and prior to versions 14.10.9 and 15.3-rc-1, the mail obfuscation configuration was not fully taken into account and is was still possible by obfuscated emails. This...

4.3CVSS4.8AI score0.00661EPSS
Exploits1References4
OSV
OSV
added 2023/07/27 6:53 p.m.31 views

CVE-2023-38509 XWiki Platform's obfuscated email addresses should not be sorted

XWiki Platform is a generic wiki platform. In org.xwiki.platform:xwiki-platform-livetable-ui starting with version 3.5-milestone-1 and prior to versions 14.10.9 and 15.3-rc-1, the mail obfuscation configuration was not fully taken into account and is was still possible by obfuscated emails. This...

4.3CVSS4.7AI score0.00661EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2023/07/27 12:0 a.m.8 views

PT-2023-8490 · Xwiki · Xwiki Platform

Name of the Vulnerable Software and Affected Versions: XWiki Platform versions 3.5-milestone-1 through 14.10.8 XWiki Platform versions 15.3-rc-1 and earlier Description: The issue is related to the disclosure of information in the error data area of the XWiki Platform, specifically in the...

4.3CVSS4.5AI score0.00661EPSS
Exploits1References11
Rows per page
Query Builder