CVE-2022-36094

XWiki Platform Web Parent POM contains Web resources for the XWiki platform, a generic wiki platform. Starting with version 1.0 and prior to versions 13.10.6 and 14.30-rc-1, it's possible to store JavaScript which will be executed by anyone viewing the history of an attachment containing javascri...

CVE-2022-36094

CVE-2022-36094 affects XWiki Platform Web Parent POM. The issue allows storing JavaScript that is executed when anyone views the history of an attachment whose name contains javascript, for versions starting from 1.0 up to but not including 13.10.6 and 14.30-rc-1. The vulnerability is mitigated b...

XWiki Platform 跨站脚本漏洞

XWiki Platform is a suite of Wiki platforms for creating Web collaboration applications from the French company XWiki. A security vulnerability exists in the XWiki Platform Web Parent POM prior to version 13.10.6 and prior to version 14.30-rc-1, which stems from the ability to store JavaScript th...

com.airbus-cyber-security.graylog:graylog-plugin-alert-wizard (=1.0.0), com.airbus-cyber-security.graylog:graylog-plugin-logging-alert (>=1.0.0 <=1.0.1) +8 more potentially affected by CVE-2018-11651 via org.graylog2:graylog2-server (>=1.0.0-beta.3 <=2.4.3)

org.graylog2:graylog2-server MAVEN version =1.0.0-beta.3, =1.0.0, =1.0.2, =2.2.0, =1.1.0, =2.2.0, =2.2.0, =1.0.3, =1.0.0, =1.2.0, =1.3.4 Source cves: CVE-2018-11651 Source advisory: OSV:GHSA-435G-R2M8-GJVM...