XWiki 12.5 < 13.10.6, 14.0 < 14.4 XSS Vulnerability (GHSA-c5v8-2q4r-5w9v)

Xwiki is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki";...

XWiki 5.3 < 13.10.6, 14.0 < 14.4 Code Injection Vulnerability (GHSA-xr6m-2p4m-jvqf)

Xwiki is prone to a code injection vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki"; ifdescription...

XWiki 1.0 < 13.10.6, 14.0 < 14.3 XSS Vulnerability (GHSA-mxf2-4r22-5hq9)

Xwiki is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki";...

CVE-2022-36096 XWiki Platform vulnerable to Cross-site Scripting in the deleted attachments list

The XWiki Platform Index UI is an Index of all pages, attachments, orphans and deleted pages and attachments for XWiki Platform, a generic wiki platform. Prior to versions 13.10.6 and 14.3, it's possible to store JavaScript which will be executed by anyone viewing the deleted attachments index wi...

Design/Logic Flaw

XWiki Platform Web Parent POM contains Web resources for the XWiki platform, a generic wiki platform. Starting with version 1.0 and prior to versions 13.10.6 and 14.30-rc-1, it's possible to store JavaScript which will be executed by anyone viewing the history of an attachment containing javascri...

XWiki Platform 跨站脚本漏洞

XWiki Platform is a suite of Wiki platforms for creating web collaboration applications from the French company XWiki. A security vulnerability exists in the XWiki Platform Index UI prior to version 13.10.6 and prior to version 14.3, which stems from the ability to store JavaScript that can be...

XWiki Platform 跨站脚本漏洞

XWiki Platform is a suite of Wiki platforms for creating Web collaboration applications from the French company XWiki. A security vulnerability exists in the XWiki Platform Web Parent POM prior to version 13.10.6 and prior to version 14.30-rc-1, which stems from the ability to store JavaScript th...