25 matches found

EUVD
added 2025/10/03 8:7 p.m., 1 view

EUVD-2022-7392

Malicious code in bioql PyPI...

5.3 CVSS, 4.9 AI score, 0.00177 EPSS
Exploits 1, References 5

RedhatCVE
added 2025/05/23 1:46 a.m., 6 views

CVE-2023-29207

XWiki Commons are technical libraries common to several other top level XWiki projects. The Livetable Macro wasn't properly sanitizing column names, thus allowing the insertion of raw HTML code including JavaScript. This vulnerability was also exploitable via the Documents Macro that is included...

9 CVSS, 7.5 AI score, 0.1765 EPSS
Exploits 1, References 1

RedhatCVE
added 2025/05/23 1:14 a.m., 3 views

CVE-2022-41935

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Users without the right to view documents can deduce their existence by repeated Livetable queries. The issue has been patched in XWiki 14.6RC1, 13.10.8, and 14.4.3, the response is not proper...

5.3 CVSS, 6.7 AI score, 0.00177 EPSS
Exploits 1, References 1

CNNVD
added 2023/11/06 12:0 a.m., 1 view

XWiki Platform Security Vulnerability

XWiki Platform is a suite of Wiki platforms for creating web collaboration applications from the XWiki Foundation in France. A security vulnerability exists in XWiki Platform 3.5-milestone-1 and later versions, which stems from a security vulnerability in the component...

4.3 CVSS, 6.8 AI score, 0.00557 EPSS
Exploits 1, References 2

Positive Technologies
added 2023/07/27 12:0 a.m., 3 views

PT-2023-8490 · Xwiki · Xwiki Platform

Name of the Vulnerable Software and Affected Versions: XWiki Platform versions 3.5-milestone-1 through 14.10.8 XWiki Platform versions 15.3-rc-1 and earlier Description: The issue is related to the disclosure of information in the error data area of the XWiki Platform, specifically in the...

4.3 CVSS, 4.5 AI score, 0.00557 EPSS
Exploits 1, References 11

OpenVAS
added 2023/05/19 12:0 a.m., 19 views

XWiki 1.9-milestone-2 < 13.10.10, 14.x < 14.4.6, 14.5.x < 14.9 XSS Vulnerability (GHSA-6vgh-9r3c-2cxp)

Xwiki is prone to a cross-site scripting (XSS) vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki";...

9 CVSS, 8 AI score, 0.1765 EPSS
Exploits 1, References 1

NVD
added 2023/04/15 4:15 p.m., 18 views

CVE-2023-29207

XWiki Commons are technical libraries common to several other top level XWiki projects. The Livetable Macro wasn't properly sanitizing column names, thus allowing the insertion of raw HTML code including JavaScript. This vulnerability was also exploitable via the Documents Macro that is included...

9 CVSS, 9.3 AI score, 0.1765 EPSS
Exploits 1, References 3

Prion
added 2023/04/15 4:15 p.m., 17 views

Information disclosure

XWiki Commons are technical libraries common to several other top level XWiki projects. The Livetable Macro wasn't properly sanitizing column names, thus allowing the insertion of raw HTML code including JavaScript. This vulnerability was also exploitable via the Documents Macro that is included...

6 CVSS, 9.2 AI score, 0.1765 EPSS
Exploits 1, References 3, Affected Software 1

CVE
added 2023/04/15 3:48 p.m., 72 views

CVE-2023-29207

XWiki Commons Livetable Macro (and Documents Macro) suffers from improper sanitization of column names, enabling XSS via raw HTML/[removed] injection. Exploitation can occur without script rights (even in comments) and, with higher-privilege user interaction, could lead to arbitrary actions, priv...

9 CVSS, 9.2 AI score, 0.1765 EPSS
Exploits 1, References 3, Affected Software 1

OSV
added 2023/04/15 3:48 p.m., 17 views

CVE-2023-29207 Improper Neutralization of Script-Related HTML Tags (XSS) in the LiveTable Macro

XWiki Commons are technical libraries common to several other top level XWiki projects. The Livetable Macro wasn't properly sanitizing column names, thus allowing the insertion of raw HTML code including JavaScript. This vulnerability was also exploitable via the Documents Macro that is included...

8.9 CVSS, 8.8 AI score, 0.1765 EPSS
Exploits 1, References 5

Cvelist
added 2023/04/15 3:48 p.m., 14 views

CVE-2023-29207 Improper Neutralization of Script-Related HTML Tags (XSS) in the LiveTable Macro

XWiki Commons are technical libraries common to several other top level XWiki projects. The Livetable Macro wasn't properly sanitizing column names, thus allowing the insertion of raw HTML code including JavaScript. This vulnerability was also exploitable via the Documents Macro that is included...

8.9 CVSS, 9.4 AI score, 0.1765 EPSS
Exploits 1, References 3

Vulnrichment
added 2023/04/15 3:48 p.m., 5 views

CVE-2023-29207 Improper Neutralization of Script-Related HTML Tags (XSS) in the LiveTable Macro

XWiki Commons are technical libraries common to several other top level XWiki projects. The Livetable Macro wasn't properly sanitizing column names, thus allowing the insertion of raw HTML code including JavaScript. This vulnerability was also exploitable via the Documents Macro that is included...

8.9 CVSS, 9.2 AI score, 0.1765 EPSS
Exploits 1, References 3

CNNVD
added 2023/04/15 12:0 a.m., 1 view

XWiki Commons Cross-Site Scripting Vulnerability

XWiki Commons is a technology library shared by several other top XWiki projects. A cross-site scripting vulnerability exists in XWiki Commons, which stems from Livetable Macro not properly cleaning up column names, thus allowing the insertion of raw HTML code including JavaScript...

9 CVSS, 7.9 AI score, 0.1765 EPSS
Exploits 1, References 4

Github Security Blog
added 2023/04/12 8:43 p.m., 18 views

Improper Neutralization of Script-Related HTML Tags (XSS) in the LiveTable Macro

Impact: The Livetable Macro wasn't properly sanitizing column names, thus allowing the insertion of raw HTML code including JavaScript. This vulnerability was also exploitable via the Documents Macro that is included since XWiki 3.5M1 and doesn't require script rights, this can be demonstrated wit...

9 CVSS, 9.1 AI score, 0.1765 EPSS
Exploits 1, References 5, Affected Software 6

OSV
added 2023/04/12 8:43 p.m., 18 views

GHSA-6VGH-9R3C-2CXP Improper Neutralization of Script-Related HTML Tags (XSS) in the LiveTable Macro

Impact: The Livetable Macro wasn't properly sanitizing column names, thus allowing the insertion of raw HTML code including JavaScript. This vulnerability was also exploitable via the Documents Macro that is included since XWiki 3.5M1 and doesn't require script rights, this can be demonstrated wit...

8.9 CVSS, 9.2 AI score, 0.1765 EPSS
Exploits 1, References 5

OpenVAS
added 2022/11/24 12:0 a.m., 15 views

XWiki 12.10.11 < 13.10.8, 14.x < 14.4.3, 14.5.x < 14.6 Exposure of Sensitive Information Vulnerability (GHSA-p2x4-6ghr-6vmq)

Xwiki is prone to an exposure of sensitive information vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki...

5.3 CVSS, 5.9 AI score, 0.00177 EPSS
Exploits 1, References 1

NVD
added 2022/11/23 8:15 p.m., 12 views

CVE-2022-41935

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Users without the right to view documents can deduce their existence by repeated Livetable queries. The issue has been patched in XWiki 14.6RC1, 13.10.8, and 14.4.3, the response is not proper...

5.3 CVSS, 0.00177 EPSS
Exploits 1, References 3

Prion
added 2022/11/23 8:15 p.m., 14 views

Design/Logic Flaw

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Users without the right to view documents can deduce their existence by repeated Livetable queries. The issue has been patched in XWiki 14.6RC1, 13.10.8, and 14.4.3, the response is not proper...

4 CVSS, 4.5 AI score, 0.00177 EPSS
Exploits 1, References 3, Affected Software 1

OSV
added 2022/11/23 12:0 a.m., 16 views

CVE-2022-41935 Exposure of Sensitive Information to an Unauthorized Actor in org.xwiki.platform:xwiki-platform-livetable-ui

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Users without the right to view documents can deduce their existence by repeated Livetable queries. The issue has been patched in XWiki 14.6RC1, 13.10.8, and 14.4.3, the response is not proper...

5.3 CVSS, 4.8 AI score, 0.00177 EPSS
Exploits 1, References 5

Cvelist
added 2022/11/23 12:0 a.m., 14 views

CVE-2022-41935 Exposure of Sensitive Information to an Unauthorized Actor in org.xwiki.platform:xwiki-platform-livetable-ui

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Users without the right to view documents can deduce their existence by repeated Livetable queries. The issue has been patched in XWiki 14.6RC1, 13.10.8, and 14.4.3, the response is not proper...

5.3 CVSS, 5.5 AI score, 0.00177 EPSS
Exploits 1, References 3