Lucene search
+L

6 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:0 a.m.11 views

CVE-2023-29206

XWiki Commons are technical libraries common to several other top level XWiki projects. There was no check in the author of a JavaScript xobject or StyleSheet xobject added in a XWiki document, so until now it was possible for a user having only Edit Right to create such object and to craft a...

9CVSS6.7AI score0.00942EPSS
Exploits1References1
NVD
NVD
added 2023/04/15 4:15 p.m.35 views

CVE-2023-29206

XWiki Commons are technical libraries common to several other top level XWiki projects. There was no check in the author of a JavaScript xobject or StyleSheet xobject added in a XWiki document, so until now it was possible for a user having only Edit Right to create such object and to craft a...

9CVSS9.1AI score0.00942EPSS
Exploits1References5
CVE
CVE
added 2023/04/15 3:41 p.m.299 views

CVE-2023-29206

CVE-2023-29206 affects XWiki Commons where an author without Script rights could craft a script via a JavaScript xobject or StyleSheet xobject added to a document. The issue stems from missing permission checks, allowing such objects to execute under insufficient rights. Red Hat and other sources...

9CVSS7.2AI score0.00942EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2023/04/15 3:41 p.m.34 views

CVE-2023-29206 org.xwiki.platform:xwiki-platform-skin-skinx vulnerable to basic Cross-site Scripting by exploiting JSX or SSX plugins

XWiki Commons are technical libraries common to several other top level XWiki projects. There was no check in the author of a JavaScript xobject or StyleSheet xobject added in a XWiki document, so until now it was possible for a user having only Edit Right to create such object and to craft a...

9CVSS5.5AI score0.00942EPSS
Exploits1References7
Vulnrichment
Vulnrichment
added 2023/04/15 3:41 p.m.10 views

CVE-2023-29206 org.xwiki.platform:xwiki-platform-skin-skinx vulnerable to basic Cross-site Scripting by exploiting JSX or SSX plugins

XWiki Commons are technical libraries common to several other top level XWiki projects. There was no check in the author of a JavaScript xobject or StyleSheet xobject added in a XWiki document, so until now it was possible for a user having only Edit Right to create such object and to craft a...

9CVSS9.1AI score0.00942EPSS
Exploits1References5
Cvelist
Cvelist
added 2023/04/15 3:41 p.m.43 views

CVE-2023-29206 org.xwiki.platform:xwiki-platform-skin-skinx vulnerable to basic Cross-site Scripting by exploiting JSX or SSX plugins

XWiki Commons are technical libraries common to several other top level XWiki projects. There was no check in the author of a JavaScript xobject or StyleSheet xobject added in a XWiki document, so until now it was possible for a user having only Edit Right to create such object and to craft a...

9CVSS9.3AI score0.00942EPSS
Exploits1References5
Rows per page
Query Builder