Lucene search
K

4 matches found

Prion
Prion
added 2023/10/25 6:17 p.m.29 views

Remote code execution

XWiki Rendering is a generic Rendering system that converts textual input in a given syntax into another syntax. Prior to version 14.10.6 of org.xwiki.platform:xwiki-core-rendering-macro-footnotes and org.xwiki.platform:xwiki-rendering-macro-footnotes and prior to version 15.1-rc-1 of...

6.5CVSS8.9AI score0.01247EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2023/06/30 7:15 p.m.24 views

Cross site scripting

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user with edit rights can edit all pages in the CKEditor' space. This makes it possible to perform a variety of harmful actions, such as removing technical documents, leading to loss of...

4.9CVSS5.4AI score0.00903EPSS
Exploits1References4Affected Software2
Cvelist
Cvelist
added 2023/06/30 6:57 p.m.65 views

CVE-2023-36477 Persistent Cross-site Scripting (XSS) through CKEditor Configuration pages in XWiki Platform

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user with edit rights can edit all pages in the CKEditor' space. This makes it possible to perform a variety of harmful actions, such as removing technical documents, leading to loss of...

9CVSS9.2AI score0.00903EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2023/06/29 8:31 p.m.13 views

CVE-2023-36470 Code injection in icon themes of XWiki Platform

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. By either creating a new or editing an existing document with an icon set, an attacker can inject XWiki syntax and Velocity code that is executed with programming rights and thus allows remote...

9.9CVSS7.5AI score0.01916EPSS
Exploits1References5
Rows per page
Query Builder