4 matches found
CVE-2024-21651
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. A user able to attach a file to a page can post a malformed TAR file by manipulating file modification times headers, which when parsed by Tika, could cause a denial of service issue via CPU...
CVE-2024-21650
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. XWiki is vulnerable to a remote code execution RCE attack through its user registration feature. This issue allows an attacker to execute arbitrary code by crafting malicious payloads in the...
CVE-2024-21650 XWiki Remote Code Execution vulnerability via user registration
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. XWiki is vulnerable to a remote code execution RCE attack through its user registration feature. This issue allows an attacker to execute arbitrary code by crafting malicious payloads in the...
PT-2024-18999 · Xwiki +1 · Xwiki Platform +2
Name of the Vulnerable Software and Affected Versions: XWiki Platform versions prior to 14.10.18 XWiki Platform versions prior to 15.5.3 XWiki Platform versions prior to 15.8 RC1 Description: A user able to attach a file to a page can post a malformed TAR file by manipulating file modification...