The vulnerabilities of the DBMS_XMLGEN and DBMS_XMLQUERY functions of the XWiki Platform, a platform for creating collaborative web applications. This allows attackers to execute arbitrary code.
The vulnerability of the DBMSXMLGEN and DBMSXMLQUERY functions of the XWiki Platform for creating collaborative web applications is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending...