Lucene search
K

44 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:14 a.m.7 views

CVE-2022-23618

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions there is no protection against URL redirection to untrusted sites, in particular some well known parameters xredirect can be used to perform url redirections. This problem...

6.1CVSS6.6AI score0.00787EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:34 a.m.10 views

CVE-2024-41947

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. By creating a conflict when another user with more rights is currently editing a page, it is possible to execute JavaScript snippets on the side of the other user, which compromises the...

9CVSS7AI score0.01572EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-1251

Malicious code in bioql PyPI...

9.9CVSS8.4AI score0.01864EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-1293

Malicious code in bioql PyPI...

5CVSS4.9AI score0.00672EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-1338

Malicious code in bioql PyPI...

9.9CVSS8.4AI score0.0109EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-1020

Malicious code in bioql PyPI...

7.7CVSS7.4AI score0.00746EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-0954

Malicious code in bioql PyPI...

7.5CVSS7.4AI score0.00855EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-2572

Malicious code in bioql PyPI...

9CVSS6.4AI score0.00639EPSS
Exploits0References15
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-1347

Malicious code in bioql PyPI...

7.5CVSS7.4AI score0.0101EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2025/08/05 11:30 p.m.4 views

CVE-2025-54125 XWiki Platform: Password and email exposure in xml.vm fields

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. XWiki Platform Legacy Old Core and XWiki Platform Old Core versions 1.1 through 16.4.6, 16.5.0-rc-1 through 16.10.4 and 17.0.0-rc-1 through 17.1.0, the XML export of a page in XWiki that can b...

8.7CVSS6.1AI score0.01209EPSS
Exploits0References3
OSV
OSV
added 2025/08/05 11:30 p.m.5 views

CVE-2025-54125 XWiki Platform: Password and email exposure in xml.vm fields

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. XWiki Platform Legacy Old Core and XWiki Platform Old Core versions 1.1 through 16.4.6, 16.5.0-rc-1 through 16.10.4 and 17.0.0-rc-1 through 17.1.0, the XML export of a page in XWiki that can b...

8.7CVSS6.4AI score0.01209EPSS
Exploits0References5
OSV
OSV
added 2025/08/05 11:28 p.m.7 views

CVE-2025-54124 XWiki Platform: Any user with editing rights can access password properties through Database List Properties

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. XWiki Platform Legacy Old Core and XWiki Platform Old Core versions 9.8-rc-1 through 16.4.6, 16.5.0-rc-1 through 16.10.4, and 17.0.0-rc-1 through 17.1.0, any user with editing rights can creat...

7.1CVSS6.8AI score0.00397EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/05/23 10:12 a.m.10 views

CVE-2024-31997

XWiki Platform is a generic wiki platform. Prior to versions 4.10.19, 15.5.4, and 15.10-rc-1, parameters of UI extensions are always interpreted as Velocity code and executed with programming rights. Any user with edit right on any document like the user's own profile can create UI extensions. Th...

9.9CVSS7.7AI score0.73925EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:12 a.m.9 views

CVE-2024-31985

XWiki Platform is a generic wiki platform. Starting in version 3.1 and prior to versions 4.10.20, 15.5.4, and 15.10-rc-1, it is possible to schedule/trigger/unschedule existing jobs by having an admin visit the Job Scheduler page through a predictable URL, for example by embedding such an URL in...

5.4CVSS6.7AI score0.00309EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:42 a.m.5 views

CVE-2024-37901

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user with edit right on any page can perform arbitrary remote code execution by adding instances of XWiki.SearchSuggestConfig and XWiki.SearchSuggestSourceClass to their user profile or an...

9.9CVSS7.8AI score0.01057EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 7:41 a.m.11 views

CVE-2024-55876

XWiki Platform is a generic wiki platform. Starting in version 1.2-milestone-2 and prior to versions 15.10.9 and 16.3.0, any user with an account on the main wiki could run scheduling operations on subwikis. To reproduce, as a user on the main wiki without any special right, view the document...

5.4CVSS6.7AI score0.00553EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:40 a.m.7 views

CVE-2024-55662

XWiki Platform is a generic wiki platform. Starting in version 3.3-milestone-1 and prior to versions 15.10.9 and 16.3.0, on instances where Extension Repository Application is installed, any user can execute any code requiring programming rights on the server. This vulnerability has been fixed in...

9.9CVSS7AI score0.00749EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:8 a.m.7 views

CVE-2023-50732

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. It's possible to execute a Velocity script without script right through the document tree. This has been patched in XWiki 14.10.7 and 15.2RC1...

8.3CVSS7.1AI score0.00486EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/23 4:1 a.m.6 views

CVE-2023-46732

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. XWiki is vulnerable to reflected cross-site scripting RXSS via the rev parameter that is used in the content of the content menu without escaping. If an attacker can convince a user to visit a...

9.6CVSS7.1AI score0.02191EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:20 a.m.12 views

CVE-2023-45134

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. org.xwiki.platform:xwiki-platform-web starting in version 3.1-milestone-1 and prior to 13.4-rc-1, org.xwiki.platform:xwiki-platform-web-templates prior to versions 14.10.2 and 15.5-rc-1, and...

9CVSS7.8AI score0.01834EPSS
Exploits1References1
Rows per page
Query Builder