Lucene search
+L

4 matches found

Nuclei
Nuclei
added yesterday29 views

XWiki >= 13.10.8 - Cross-Site Scripting

Reflected XSS vulnerability in XWiki authenticate endpoints allows execution of arbitrary JavaScript. id: CVE-2023-29506 info: name: XWiki = 13.10.8 - Cross-Site Scripting author: ritikchaddha severity: medium description: | Reflected XSS vulnerability in XWiki authenticate endpoints allows...

6.1CVSS6.5AI score0.01721EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2023/04/26 12:0 a.m.23 views

XWiki 13.10.8 < 13.10.11, 14.4.3 < 14.4.7, 14.6.x < 14.10 Code Injection Vulnerability (GHSA-jjm5-5v9v-7hx2)

Xwiki is prone to a code injection vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki"; ifdescription...

6.1CVSS6.6AI score0.01721EPSS
Exploits1References1
NVD
NVD
added 2023/04/16 7:15 a.m.25 views

CVE-2023-29506

XWiki Commons are technical libraries common to several other top level XWiki projects. It was possible to inject some code using the URL of authenticated endpoints. This problem has been patched on XWiki 13.10.11, 14.4.7 and 14.10...

6.1CVSS5.8AI score0.01721EPSS
Exploits1References3
Cvelist
Cvelist
added 2023/04/16 6:49 a.m.21 views

CVE-2023-29506 org.xwiki.platform:xwiki-platform-security-authentication-default XSS with authenticated endpoints

XWiki Commons are technical libraries common to several other top level XWiki projects. It was possible to inject some code using the URL of authenticated endpoints. This problem has been patched on XWiki 13.10.11, 14.4.7 and 14.10...

5.4CVSS6.4AI score0.01721EPSS
Exploits1References3
Rows per page
Query Builder