Exposición de XWiki
Wikis334
score de exposición
39
sitios usan
1
en explotación
121
críticos
CVEs
245 resultadosCVE-2022-31166HIGHXWiki.WebHome vulnerable to Improper Privilege Management in XWiki resolving groupsEPSS 1.1%CVE-2022-23619MEDIUMInformation exposure in xwiki-platformEPSS 1.1%CVE-2023-26472CRITICALXWiki Platform vulnerable to privilege escalation via async macro and IconThemeSheet from the user profileEPSS 1.1%CVE-2023-29527CRITICALCode injection from account through AWM view sheet in xwiki platformEPSS 1.1%CVE-2023-26479MEDIUMorg.xwiki.platform:xwiki-platform-rendering-parser vulnerable to Improper Handling of Exceptional ConditionsEPSS 1.1%CVE-2023-37913CRITICALorg.xwiki.platform:xwiki-platform-office-importer vulnerable to arbitrary server side file writing from account through office converterEPSS 1.1%CVE-2023-37908CRITICALorg.xwiki.rendering:xwiki-rendering-xml Improper Neutralization of Invalid Characters in Identifiers in Web Pages vulnerabilityEPSS 1.1%CVE-2024-37901CRITICALXWiki Platform vulnerable to remote code execution from account via SearchSuggestConfigSheetEPSS 1.1%CVE-2024-55879CRITICALXWiki allows RCE from script right in configurable sectionsEPSS 1.0%CVE-2023-30537CRITICALorg.xwiki.platform:xwiki-platform-flamingo-theme-ui vulnerable to privilege escalationEPSS 1.0%CVE-2023-29511CRITICALxwiki-platform-administration-ui vulnerable to privilege escalationEPSS 1.0%CVE-2023-35152CRITICALXWiki Platform vulnerable to privilege escalation (PR) from account through like LiveTableResultsEPSS 1.0%CVE-2023-29517HIGHExposure of Sensitive Information to an Unauthorized Actor in org.xwiki.platform:xwiki-platform-office-viewerEPSS 1.0%CVE-2022-29253LOWPath Traversal in XWiki PlatformEPSS 1.0%CVE-2023-40573CRITICALXWiki Platform's Groovy jobs check the wrong author, allowing remote code executionEPSS 1.0%CVE-2022-23622HIGHCross site scripting in registration template in xwiki-platformEPSS 1.0%CVE-2023-46243CRITICALCode execution via the edit action in XWiki platformEPSS 1.0%CVE-2023-40177CRITICALXWiki Platform privilege escalation (PR) from account through AWM content fieldsEPSS 1.0%CVE-2022-41928CRITICALXWiki Platform vulnerable to Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') in AttachmentSelector.xmlEPSS 1.0%CVE-2022-24820MEDIUMUnauthenticated user can list hidden document from multiple velocity templatesEPSS 1.0%
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →