Lucene search
K

4 matches found

Cvelist
Cvelist
added 2023/06/23 6:52 p.m.45 views

CVE-2023-35162 XPlatform Wiki vulnerable to cross-site scripting via xcontinue parameter in preview actions template

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Users are able to forge an URL with a payload allowing to inject Javascript in the page XSS. It's possible to exploit the previewactions template to perform a XSS, e.g. by using URL such as:...

9.6CVSS9.5AI score0.02397EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2023/06/23 6:52 p.m.13 views

CVE-2023-35162 XPlatform Wiki vulnerable to cross-site scripting via xcontinue parameter in preview actions template

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Users are able to forge an URL with a payload allowing to inject Javascript in the page XSS. It's possible to exploit the previewactions template to perform a XSS, e.g. by using URL such as:...

9.6CVSS6.7AI score0.02397EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/06/23 12:0 a.m.4 views

XWiki Platform 跨站脚本漏洞

XWiki Platform is a suite of Wiki platforms for creating web collaboration applications from the XWiki Foundation in France. A cross-site scripting vulnerability exists in XWiki Platform versions 6.1-rc-1 and earlier. An attacker can exploit this vulnerability to inject Javascript code into a pag...

9.6CVSS6AI score0.02397EPSS
Exploits0References5
OSV
OSV
added 2023/06/20 5:42 p.m.19 views

GHSA-Q9HG-9QJ2-MXF9 XWiki Platform vulnerable to cross-site scripting via xcontinue parameter in previewactions template

Impact Users are able to forge an URL with a payload allowing to inject Javascript in the page XSS. It's possible to exploit the previewactions template to perform a XSS, e.g. by using URL such as:...

9.6CVSS7.7AI score0.02397EPSS
Exploits0References6
Rows per page
Query Builder