Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 229 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2023-37462 Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') in org.xwiki.platform:xwiki-platform-skin-ui xwikixwiki-platform Critical 9.9 2023-07-14 20:39:06 Deep Dive
CVE-2023-37277 XWiki Platform vulnerable to cross-site request forgery (CSRF) via the REST API xwikixwiki-platform Critical 9.6 2023-07-10 16:11:14 Deep Dive
CVE-2023-36477 Persistent Cross-site Scripting (XSS) through CKEditor Configuration pages in XWiki Platform xwikixwiki-platform Critical 9.0 2023-06-30 18:57:38 Deep Dive
CVE-2023-36468 Upgrading doesn't prevent exploiting vulnerable XWiki documents xwikixwiki-platform Critical 9.9 2023-06-29 20:44:34 Deep Dive
CVE-2023-36469 Code injection through NotificationRSSService in XWiki Platform xwikixwiki-platform Critical 9.9 2023-06-29 20:38:53 Deep Dive
CVE-2023-36470 Code injection in icon themes of XWiki Platform xwikixwiki-platform Critical 9.9 2023-06-29 20:31:54 Deep Dive
CVE-2023-35162 XPlatform Wiki vulnerable to cross-site scripting via xcontinue parameter in preview actions template xwikixwiki-platform Critical 9.6 2023-06-23 18:52:20 Deep Dive
CVE-2023-35161 XWiki Platform vulnerable to reflected cross-site scripting via xredirect parameter in DeleteApplication page xwikixwiki-platform Critical 9.6 2023-06-23 18:51:46 Deep Dive
CVE-2023-35160 XWiki Platform vulnerable to reflected cross-site scripting via back and xcontinue parameters in resubmit template xwikixwiki-platform Critical 9.6 2023-06-23 18:48:18 Deep Dive
CVE-2023-35159 XWiki Platform vulnerable to reflected cross-site scripting via xredirect parameter in deletespace template xwikixwiki-platform Critical 9.6 2023-06-23 18:34:18 Deep Dive
CVE-2023-35158 XWiki Platform vulnerable to reflected cross-site scripting via xredirect parameter in restore template xwikixwiki-platform Critical 9.6 2023-06-23 18:26:37 Deep Dive
CVE-2023-35157 XWiki Platform vulnerable to reflected cross-site scripting via delattachment action xwikixwiki-platform High 8.4 2023-06-23 18:22:55 Deep Dive
CVE-2023-35156 XWiki Platform vulnerable to reflected cross-site scripting via xredirect parameter in delete template xwikixwiki-platform Critical 9.6 2023-06-23 18:19:57 Deep Dive
CVE-2023-35155 XWiki Platform vulnerable to cross-site scripting in target parameter via share page by email xwikixwiki-platform High 8.8 2023-06-23 18:15:05 Deep Dive
CVE-2023-35153 XWiki Platform vulnerable to stored cross-site scripting in ClassEditSheet page via name parameters xwikixwiki-platform Critical 9.0 2023-06-23 17:19:59 Deep Dive
CVE-2023-35152 XWiki Platform vulnerable to privilege escalation (PR) from account through like LiveTableResults xwikixwiki-platform Critical 9.9 2023-06-23 16:41:51 Deep Dive
CVE-2023-35151 XWiki Platform may show email addresses in clear in REST results xwikixwiki-platform High 7.5 2023-06-23 16:33:01 Deep Dive
CVE-2023-35150 XWiki Platform vulnerable to privilege escalation (PR) from view right via Invitation application xwikixwiki-platform Critical 9.9 2023-06-23 16:26:55 Deep Dive
CVE-2023-34467 XWiki Platform may retrieve email addresses of all users xwikixwiki-platform High 7.5 2023-06-23 16:20:51 Deep Dive
CVE-2023-34466 XWiki Platform's tags on non-viewable pages can be revealed to users xwikixwiki-platform Medium 4.3 2023-06-23 15:26:11 Deep Dive