Lucene search
K

4 matches found

Cvelist
Cvelist
added 2025/06/13 3:45 p.m.13 views

CVE-2025-49580 XWiki allows privilege escalation through link refactoring

XWiki is a generic wiki platform. From 8.2 and 7.4.5 until 17.1.0-rc-1, 16.10.4, and 16.4.7, pages can gain script or programming rights when they contain a link and the target of the link is renamed or moved. This might lead to execution of scripts contained in xobjects that should have never be...

8.5CVSS0.00378EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2023/04/26 12:0 a.m.14 views

XWiki 5.3-milestone-2 < 13.10.11, 14.x < 14.4.7, 14.5.x < 14.10 Code Injection Vulnerability (GHSA-w7v9-fc49-4qg4)

Xwiki is prone to a code injection vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki"; ifdescription...

9.9CVSS8.7AI score0.01193EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2022/04/11 12:0 a.m.19 views

XWiki Privileged API Vulnerability (GHSA-ghcq-472w-vf4h)

XWiki is prone to a privileged API vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki"; ifdescription...

8.1CVSS7.3AI score0.00792EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2022/02/11 12:0 a.m.20 views

XWiki RCE Vulnerability (GHSA-mgjw-2wrp-r535)

Xwiki is prone to an remote code execution RCE vulnerability SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki";...

8.8CVSS7.8AI score0.02097EPSS
Exploits0References1
Rows per page
Query Builder