Lucene search
K

4 matches found

Vulnrichment
Vulnrichment
added 2023/10/25 5:9 p.m.20 views

CVE-2023-37909 Privilege escalation (PR)/remote code execution from account through Menu.UIExtensionSheet

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Starting in version 5.1-rc-1 and prior to versions 14.10.8 and 15.3-rc-1, any user who can edit their own user profile can execute arbitrary script macros including Groovy and Python macros th...

9.9CVSS8AI score0.01621EPSS
Exploits1References3
Cvelist
Cvelist
added 2023/06/29 8:38 p.m.41 views

CVE-2023-36469 Code injection through NotificationRSSService in XWiki Platform

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user who can edit their own user profile and notification settings can execute arbitrary script macros including Groovy and Python macros that allow remote code execution including...

9.9CVSS10AI score0.82376EPSS
Exploits1References5
OSV
OSV
added 2021/12/17 4:15 a.m.2 views

DEBIAN-CVE-2021-45038

An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. By using an action=rollback query, attackers can view private wiki contents...

5.3CVSS5.5AI score0.0135EPSS
Exploits0References1
OSV
OSV
added 2021/12/17 4:15 a.m.2 views

UBUNTU-CVE-2021-45038

An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. By using an action=rollback query, attackers can view private wiki contents...

5.3CVSS6AI score0.0135EPSS
Exploits0References4
Rows per page
Query Builder