8 matches found
EUVD-2023-2625
Malicious code in bioql PyPI...
GHSA-35J5-M29R-XFQ5 XWiki Rendering's footnote macro vulnerable to privilege escalation via the footnote macro
Impact The footnote macro executed its content in a potentially different context than the one in which it was defined. In particular in combination with the include macro, this allows privilege escalation from a simple user account in XWiki to programming rights and thus remote code execution,...
XWiki Rendering's footnote macro vulnerable to privilege escalation via the footnote macro
Impact The footnote macro executed its content in a potentially different context than the one in which it was defined. In particular in combination with the include macro, this allows privilege escalation from a simple user account in XWiki to programming rights and thus remote code execution,...
Remote code execution
XWiki Rendering is a generic Rendering system that converts textual input in a given syntax into another syntax. Prior to version 14.10.6 of org.xwiki.platform:xwiki-core-rendering-macro-footnotes and org.xwiki.platform:xwiki-rendering-macro-footnotes and prior to version 15.1-rc-1 of...
CVE-2023-37912
Summary: CVE-2023-37912 affects XWiki Rendering’s footnote macro. Prior to versions 14.10.6 (footnotes macros) and 15.1-rc-1 (footnotes macro), the footnote macro could execute content in a different context, enabling privilege escalation from a user to programming rights and potentially remote c...
CVE-2023-37912 XWiki Rendering's footnote macro vulnerable to privilege escalation via the footnote macro
XWiki Rendering is a generic Rendering system that converts textual input in a given syntax into another syntax. Prior to version 14.10.6 of org.xwiki.platform:xwiki-core-rendering-macro-footnotes and org.xwiki.platform:xwiki-rendering-macro-footnotes and prior to version 15.1-rc-1 of...
CVE-2023-37912 XWiki Rendering's footnote macro vulnerable to privilege escalation via the footnote macro
XWiki Rendering is a generic Rendering system that converts textual input in a given syntax into another syntax. Prior to version 14.10.6 of org.xwiki.platform:xwiki-core-rendering-macro-footnotes and org.xwiki.platform:xwiki-rendering-macro-footnotes and prior to version 15.1-rc-1 of...
XWiki Rendering Security Vulnerability
XWiki Rendering is a general-purpose rendering system from the XWiki Foundation that converts text input from a given syntax wiki syntax, HTML, etc. to another syntax XHTML, etc.. A security vulnerability exists in XWiki Rendering that stems from a footnote macro executing its contents in possibl...