680 matches found
Cross site scripting
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. org.xwiki.platform:xwiki-platform-web starting in version 3.1-milestone-2 and prior to version 13.4-rc-1, as well as org.xwiki.platform:xwiki-platform-web-templates prior to versions 14.10.12...
Information disclosure
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Starting in version 5.0-milestone-1 and prior to versions 14.4.8, 14.10.4, and 15.0-rc-1, tags from pages not viewable to the current user are leaked by the tags API. This information can also...
CVE-2023-34466 XWiki Platform's tags on non-viewable pages can be revealed to users
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Starting in version 5.0-milestone-1 and prior to versions 14.4.8, 14.10.4, and 15.0-rc-1, tags from pages not viewable to the current user are leaked by the tags API. This information can also...
GHSA-7F2F-PCV3-J2R7 XWiki Platform's tags on non-viewable pages can be revealed to users
Impact Tags from pages not viewable to the current user are leaked by the tags API. This information can also be exploited to infer the document reference of non-viewable pages. Patches This vulnerability has been patched in XWiki 14.4.8, 14.10.4, and 15.0 RC1. Workarounds There is no workaround...
SUSE CVE-2012-5090
Unspecified vulnerability in the Oracle Agile PLM for Process component in Oracle Supply Chain Products Suite 5.2.2 and 6.1.0.0 allows remote authenticated users to affect confidentiality via unknown vectors related to Document Reference Library...
CVE-2012-5090
Unspecified vulnerability in the Oracle Agile PLM for Process component in Oracle Supply Chain Products Suite 5.2.2 and 6.1.0.0 allows remote authenticated users to affect confidentiality via unknown vectors related to Document Reference Library...
Design/Logic Flaw
Unspecified vulnerability in the Oracle Agile PLM for Process component in Oracle Supply Chain Products Suite 5.2.2 and 6.1.0.0 allows remote authenticated users to affect confidentiality via unknown vectors related to Document Reference Library...
CVE-2012-5090
Unspecified vulnerability in the Oracle Agile PLM for Process component in Oracle Supply Chain Products Suite 5.2.2 and 6.1.0.0 allows remote authenticated users to affect confidentiality via unknown vectors related to Document Reference Library...
CVE-2012-5090
Technical details about CVE-2012-5090 are not publicly available in the provided documents; no concrete affected components, root cause, or fixes are disclosed. Monitor for updates from Oracle/SUSE and NVD.
CVE-2024-56120
...
MS:CF89E515-56CD-4E4F-B5CA-31B3EA1E81B3
...
MS:7DCE4ADB-BEDE-4BB0-B2E1-EF25B20B5075
...
MS:9C1AA47A-4085-41E5-A1EA-9D1289F90720
...
MS:F88C877F-028C-4CE8-A40B-936CE2A77EE7
...
MS:CABF7026-0036-4363-92A1-98FF46C816BF
...
MS:CB35DE68-FC9C-49F6-8A1D-60FB5B6C560B
...
MS:FFD7C56F-900A-426B-B210-191C8DD3AA8E
...
MS:215E3CD0-130C-4B54-BBA9-23C7860C91B2
...
MS:4AFF7CCB-1522-43D4-91C1-C5F7F48D3CC4
...
MS:35D7273D-3223-4929-95A5-1F297396946C
...