13 matches found
EUVD-2025-7796
Malicious code in bioql PyPI...
EUVD-2025-7797
Malicious code in bioql PyPI...
CVE-2025-27603
XWiki Confluence Migrator Pro helps admins to import confluence packages into their XWiki instance. A user that doesn't have programming rights can execute arbitrary code due to an unescaped translation when creating a page using the Migration Page template. This vulnerability is fixed in 1.2.0...
CVE-2025-27604
XWiki Confluence Migrator Pro helps admins to import confluence packages into their XWiki instance. The homepage of the application is public which enables a guest to download the package which might contain sensitive information. This vulnerability is fixed in 1.11.7...
CVE-2025-27603
XWiki Confluence Migrator Pro helps admins to import confluence packages into their XWiki instance. A user that doesn't have programming rights can execute arbitrary code due to an unescaped translation when creating a page using the Migration Page template. This vulnerability is fixed in 1.2.0...
CVE-2025-27604 XWiki Confluence Migrator Pro's homepage is public
XWiki Confluence Migrator Pro helps admins to import confluence packages into their XWiki instance. The homepage of the application is public which enables a guest to download the package which might contain sensitive information. This vulnerability is fixed in 1.11.7...
CVE-2025-27604 XWiki Confluence Migrator Pro's homepage is public
XWiki Confluence Migrator Pro helps admins to import confluence packages into their XWiki instance. The homepage of the application is public which enables a guest to download the package which might contain sensitive information. This vulnerability is fixed in 1.11.7...
CVE-2025-27604 XWiki Confluence Migrator Pro's homepage is public
XWiki Confluence Migrator Pro helps admins to import confluence packages into their XWiki instance. The homepage of the application is public which enables a guest to download the package which might contain sensitive information. This vulnerability is fixed in 1.11.7...
GHSA-6QVP-39MM-95V8 com.xwiki.confluencepro:application-confluence-migrator-pro-ui Remote Code Execution via unescaped translations
Impact A user that doesn't have programming rights can execute arbitrary code when creating a page using the Migration Page template. A possible attack vector is the following: Create a page and add the following content: confluencepro.job.question.advanced.input=/html async async="true"...
CVE-2025-27603 XWiki Confluence Migrator Pro allows Remote Code Execution via unescaped translations
XWiki Confluence Migrator Pro helps admins to import confluence packages into their XWiki instance. A user that doesn't have programming rights can execute arbitrary code due to an unescaped translation when creating a page using the Migration Page template. This vulnerability is fixed in 1.2.0...
CVE-2025-27603
CVE-2025-27603 affects the XWiki Confluence Migrator Pro — a tool used to import Confluence packages into XWiki. The issue arises from an unescaped translation when creating a page with the Migration Page template, allowing a user lacking programming rights to execute arbitrary code. The vulnerab...
CVE-2025-27603 XWiki Confluence Migrator Pro allows Remote Code Execution via unescaped translations
XWiki Confluence Migrator Pro helps admins to import confluence packages into their XWiki instance. A user that doesn't have programming rights can execute arbitrary code due to an unescaped translation when creating a page using the Migration Page template. This vulnerability is fixed in 1.2.0...
CVE-2025-27603 XWiki Confluence Migrator Pro allows Remote Code Execution via unescaped translations
XWiki Confluence Migrator Pro helps admins to import confluence packages into their XWiki instance. A user that doesn't have programming rights can execute arbitrary code due to an unescaped translation when creating a page using the Migration Page template. This vulnerability is fixed in 1.2.0...