CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

NVD•added 2023/04/15 4:15 p.m.•18 views

CVE-2023-29207

XWiki Commons are technical libraries common to several other top level XWiki projects. The Livetable Macro wasn't properly sanitizing column names, thus allowing the insertion of raw HTML code including JavaScript. This vulnerability was also exploitable via the Documents Macro that is included...

9CVSS9.3AI score0.1765EPSS

Exploits1References3

Prion•added 2023/04/15 4:15 p.m.•17 views

Information disclosure

6CVSS9.2AI score0.1765EPSS

Exploits1References3Affected Software1

OSV•added 2023/04/15 3:48 p.m.•17 views

CVE-2023-29207 Improper Neutralization of Script-Related HTML Tags (XSS) in the LiveTable Macro

8.9CVSS8.8AI score0.1765EPSS

Exploits1References5

Cvelist•added 2023/04/15 3:48 p.m.•14 views

CVE-2023-29207 Improper Neutralization of Script-Related HTML Tags (XSS) in the LiveTable Macro

8.9CVSS9.4AI score0.1765EPSS

Exploits1References3

Github Security Blog•added 2023/04/12 8:43 p.m.•19 views

Improper Neutralization of Script-Related HTML Tags (XSS) in the LiveTable Macro

Impact The Livetable Macro wasn't properly sanitizing column names, thus allowing the insertion of raw HTML code including JavaScript. This vulnerability was also exploitable via the Documents Macro that is included since XWiki 3.5M1 and doesn't require script rights, this can be demonstrated wit...

9CVSS9.1AI score0.1765EPSS

Exploits1References5Affected Software6

OSV•added 2023/04/12 8:43 p.m.•18 views

GHSA-6VGH-9R3C-2CXP Improper Neutralization of Script-Related HTML Tags (XSS) in the LiveTable Macro

8.9CVSS9.2AI score0.1765EPSS

Exploits1References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by