8 matches found
GHSA-J2PQ-22JJ-4PM5 XWiki allows remote code execution through the extension sheet
Impact On instances where Extension Repository Application is installed, any user can execute any code requiring programming rights on the server. In order to reproduce on an instance, as a normal user without script nor programming rights, go to your profile and add an object of type...
XWiki allows remote code execution through the extension sheet
Impact On instances where Extension Repository Application is installed, any user can execute any code requiring programming rights on the server. In order to reproduce on an instance, as a normal user without script nor programming rights, go to your profile and add an object of type...
CVE-2024-55662
XWiki Platform is a generic wiki platform. Starting in version 3.3-milestone-1 and prior to versions 15.10.9 and 16.3.0, on instances where Extension Repository Application is installed, any user can execute any code requiring programming rights on the server. This vulnerability has been fixed in...
CVE-2024-55662 XWiki allows remote code execution through the extension sheet
XWiki Platform is a generic wiki platform. Starting in version 3.3-milestone-1 and prior to versions 15.10.9 and 16.3.0, on instances where Extension Repository Application is installed, any user can execute any code requiring programming rights on the server. This vulnerability has been fixed in...
CVE-2024-55662 XWiki allows remote code execution through the extension sheet
XWiki Platform is a generic wiki platform. Starting in version 3.3-milestone-1 and prior to versions 15.10.9 and 16.3.0, on instances where Extension Repository Application is installed, any user can execute any code requiring programming rights on the server. This vulnerability has been fixed in...
CVE-2024-55662 XWiki allows remote code execution through the extension sheet
XWiki Platform is a generic wiki platform. Starting in version 3.3-milestone-1 and prior to versions 15.10.9 and 16.3.0, on instances where Extension Repository Application is installed, any user can execute any code requiring programming rights on the server. This vulnerability has been fixed in...
CVE-2024-55662
CVE-2024-55662 affects XWiki Platform (3.3-milestone-1 to versions before 15.10.9 and 16.3.0) when the Extension Repository Application is installed. The root cause is that a user with access to the server can execute code requiring programming rights via the Extension Repository Application, ena...
PT-2024-36576 · Unknown · Xwiki Platform
Name of the Vulnerable Software and Affected Versions: XWiki Platform versions 3.3-milestone-1 through 15.10.8 XWiki Platform versions 3.3-milestone-1 through 16.2.x Description: XWiki Platform is a generic wiki platform. On instances where Extension Repository Application is installed, any user...