EUVD-2018-21526

Malware in sbrugna...

CVE-2025-54390

A Cross-Site Request Forgery CSRF vulnerability exists in the ResetPasswordRequest operation of Zimbra Collaboration ZCS when the zimbraFeatureResetPasswordStatus attribute is enabled. An attacker can exploit this by tricking an authenticated user into visiting a malicious webpage that silently...

CVE-2025-54390

A Cross-Site Request Forgery CSRF vulnerability exists in the ResetPasswordRequest operation of Zimbra Collaboration ZCS when the zimbraFeatureResetPasswordStatus attribute is enabled. An attacker can exploit this by tricking an authenticated user into visiting a malicious webpage that silently...

CVE-2022-23616

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions it's possible for an unprivileged user to perform a remote code execution by injecting a groovy script in her own profile and by calling the Reset password feature since t...

CVE-2022-23616 Remote code execution in xwiki-platform

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions it's possible for an unprivileged user to perform a remote code execution by injecting a groovy script in her own profile and by calling the Reset password feature since t...

Xwiki Platform 注入漏洞

Xwiki Platform is a suite of Wiki platforms for creating Web collaboration applications from the French company Xwiki. XWiki Platform suffers from an injection vulnerability that stems from an affected version in which its unprivileged users can execute remote code execution to inject a groovy...