| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-29525 | Privilege escalation from view right on XWiki.Notifications.Code.LegacyNotificationAdministration in xwiki-platform | xwiki | xwiki-platform | Critical | 9.9 | 2023-04-18 23:01:46 | Deep Dive |
| CVE-2023-29526 | Async and display macro allow displaying and interacting with any document in restricted mode | xwiki | xwiki-platform | Critical | 9.9 | 2023-04-18 22:57:30 | Deep Dive |
| CVE-2023-29527 | Code injection from account through AWM view sheet in xwiki platform | xwiki | xwiki-platform | Critical | 9.9 | 2023-04-18 22:53:42 | Deep Dive |
| CVE-2023-29213 | org.xwiki.platform:xwiki-platform-logging-ui Injection vulnerability | xwiki | xwiki-platform | Critical | 9.0 | 2023-04-17 21:21:41 | Deep Dive |
| CVE-2023-29511 | xwiki-platform-administration-ui vulnerable to privilege escalation | xwiki | xwiki-platform | Critical | 9.9 | 2023-04-16 07:07:54 | Deep Dive |
| CVE-2023-30537 | org.xwiki.platform:xwiki-platform-flamingo-theme-ui vulnerable to privilege escalation | xwiki | xwiki-platform | Critical | 9.9 | 2023-04-16 07:06:44 | Deep Dive |
| CVE-2023-29509 | org.xwiki.platform:xwiki-platform-flamingo-theme-ui Eval Injection vulnerability | xwiki | xwiki-platform | Critical | 9.9 | 2023-04-16 07:04:18 | Deep Dive |
| CVE-2023-29508 | org.xwiki.platform:xwiki-platform-livedata-macro vulnerable to Cross-site Scripting | xwiki | xwiki-platform | High | 8.9 | 2023-04-16 07:00:43 | Deep Dive |
| CVE-2023-29507 | org.xwiki.platform:xwiki-platform-oldcore makes Incorrect Use of Privileged APIs with DocumentAuthors | xwiki | xwiki-platform | Critical | 9.1 | 2023-04-16 06:52:19 | Deep Dive |
| CVE-2023-29506 | org.xwiki.platform:xwiki-platform-security-authentication-default XSS with authenticated endpoints | xwiki | xwiki-platform | Medium | 5.4 | 2023-04-16 06:49:51 | Deep Dive |
| CVE-2023-29214 | org.xwiki.platform:xwiki-platform-panels-ui Eval Injection vulnerability | xwiki | xwiki-platform | Critical | 9.9 | 2023-04-16 06:45:57 | Deep Dive |
| CVE-2023-29212 | xwiki.platform:xwiki-platform-panels-ui Eval Injection vulnerability | xwiki | xwiki-platform | Critical | 9.9 | 2023-04-16 06:39:52 | Deep Dive |
| CVE-2023-29211 | org.xwiki.platform:xwiki-platform-wiki-ui-mainwiki Eval Injection vulnerability | xwiki | xwiki-platform | Critical | 9.9 | 2023-04-16 06:34:28 | Deep Dive |
| CVE-2023-29210 | org.xwiki.platform:xwiki-platform-notifications-ui Eval Injection vulnerability | xwiki | xwiki-platform | Critical | 9.9 | 2023-04-15 16:20:29 | Deep Dive |
| CVE-2023-29209 | org.xwiki.platform:xwiki-platform-legacy-notification-activitymacro Eval Injection vulnerability | xwiki | xwiki-platform | Critical | 9.9 | 2023-04-15 16:06:45 | Deep Dive |
| CVE-2023-29208 | Data leak through deleted documents | xwiki | xwiki-platform | High | 7.5 | 2023-04-15 15:52:47 | Deep Dive |
| CVE-2023-29207 | Improper Neutralization of Script-Related HTML Tags (XSS) in the LiveTable Macro | xwiki | xwiki-platform | High | 8.9 | 2023-04-15 15:48:05 | Deep Dive |
| CVE-2023-29206 | org.xwiki.platform:xwiki-platform-skin-skinx vulnerable to basic Cross-site Scripting by exploiting JSX or SSX plugins | xwiki | xwiki-platform | Critical | 9.0 | 2023-04-15 15:41:56 | Deep Dive |
| CVE-2023-29205 | org.xwiki.platform:xwiki-platform-rendering-xwiki vulnerable to stored cross-site scripting via HTML and raw macro | xwiki | xwiki-platform | Critical | 9.9 | 2023-04-15 15:27:06 | Deep Dive |
| CVE-2023-29204 | URL Redirection to Untrusted Site ('Open Redirect') in org.xwiki.platform:xwiki-platform-oldcore | xwiki | xwiki-platform | Medium | 4.7 | 2023-04-15 15:24:22 | Deep Dive |