Lucene search
K

8 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-1481

Malicious code in bioql PyPI...

9CVSS6.9AI score0.00652EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/23 3:48 a.m.7 views

CVE-2023-32070

XWiki Platform is a generic wiki platform. Prior to version 14.6-rc-1, HTML rendering didn't check for dangerous attributes/attribute values. This allowed cross-site scripting XSS attacks via attributes and link URLs, e.g., supported in XWiki syntax. This has been patched in XWiki 14.6-rc-1. Ther...

9CVSS5.6AI score0.00652EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2023/07/13 12:0 a.m.17 views

XWiki 4.2-milestone-1 < 14.6 XSS Vulnerability (GHSA-m3jr-cvhj-f35j)

Xwiki is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki";...

9CVSS7.2AI score0.01153EPSS
Exploits1References1
NVD
NVD
added 2023/05/10 6:15 p.m.47 views

CVE-2023-32070

XWiki Platform is a generic wiki platform. Prior to version 14.6-rc-1, HTML rendering didn't check for dangerous attributes/attribute values. This allowed cross-site scripting XSS attacks via attributes and link URLs, e.g., supported in XWiki syntax. This has been patched in XWiki 14.6-rc-1. Ther...

9CVSS8.4AI score0.00652EPSS
Exploits0References3
OSV
OSV
added 2023/05/10 5:18 p.m.34 views

CVE-2023-32070 Improper Neutralization of Script in Attributes in XWiki (X)HTML renderers

XWiki Platform is a generic wiki platform. Prior to version 14.6-rc-1, HTML rendering didn't check for dangerous attributes/attribute values. This allowed cross-site scripting XSS attacks via attributes and link URLs, e.g., supported in XWiki syntax. This has been patched in XWiki 14.6-rc-1. Ther...

9CVSS6.3AI score0.00652EPSS
Exploits0References5
Prion
Prion
added 2023/05/09 1:15 p.m.22 views

Cross site scripting

org.xwiki.commons:xwiki-commons-xml is an XML library used by the open-source wiki platform XWiki. The HTML sanitizer, introduced in version 14.6-rc-1, allows the injection of arbitrary HTML code and thus cross-site scripting via invalid data attributes. This vulnerability does not affect...

6.8CVSS8.9AI score0.00818EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2023/05/09 12:53 p.m.47 views

CVE-2023-31126 Improper Neutralization of Invalid Characters in Data Attribute Names in org.xwiki.commons:xwiki-commons-xml

org.xwiki.commons:xwiki-commons-xml is an XML library used by the open-source wiki platform XWiki. The HTML sanitizer, introduced in version 14.6-rc-1, allows the injection of arbitrary HTML code and thus cross-site scripting via invalid data attributes. This vulnerability does not affect...

9CVSS9.2AI score0.00818EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2022/11/28 12:0 a.m.15 views

XWiki < 13.10.8, 14.x < 14.4.2, 14.5.x < 14.6 Uncontrolled Resource Consumption Vulnerability (GHSA-4x5r-6v26-7j4v)

Xwiki is prone to an uncontrolled resource consumption vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki...

7.5CVSS6.1AI score0.00518EPSS
Exploits0References1
Rows per page
Query Builder