2 matches found
SQL Injection
XWiki Full Calendar Macro is vulnerable to SQL Injection. The vulnerability is due to a SQL injection vulnerability by accessing database info or starting a DoS attack, where users with the right to view the Calendar.JSONService page including guest users can exploit this issue and access databas...
XWiki Full Calendar Macro 信息泄露漏洞
XWiki Full Calendar Macro is an open source log table extension component for XWiki. An information disclosure vulnerability exists in XWiki Full Calendar Macro versions prior to 2.4.6, which originates from a user with permission to view the Calendar.JSONService page may be able to access databa...