Vulnerabilities in xwikisas

18 results
CVE-2023-45144 | CRITICAL | Remote code execution from login screen through unescaped URL parameter in OAuth Identity XWiki App | EPSS 1.1%
CVE-2024-42489 | CRITICAL | Pro Macros Remote Code Execution via Viewpdf and similar macros | EPSS 1.1%
CVE-2025-55727 | CRITICAL | XWiki Remote Macros vulnerable to remote code execution from width parameter in the column macro | EPSS 1.0%
CVE-2025-55728 | CRITICAL | XWiki Remote Macros vulnerable to remote code execution using the panel macro | EPSS 0.7%
CVE-2025-55729 | CRITICAL | XWiki Remote Macros vulnerable to remote code execution using the ConfluenceLayoutSection macro | EPSS 0.7%
CVE-2025-55730 | CRITICAL | XWiki Remote Macros vulnerable to remote code execution using the confluence paste code macro | EPSS 0.7%
CVE-2024-52298 | HIGH | macro-pdfviewer's preview in WYSIWYG editor allows accessing any PDF document as the last author | EPSS 0.7%
CVE-2025-27603 | CRITICAL | XWiki Confluence Migrator Pro allows Remote Code Execution via unescaped translations | EPSS 0.6%
CVE-2024-30263 | HIGH | The PDF Viewer macro can be used to view PDF attachments with restricted access | EPSS 0.5%
CVE-2023-46743 | HIGH | The same file cannot be opened with different rights | EPSS 0.5%
CVE-2024-52299 | HIGH | The PDF viewer macro allows accessing any attachment without access right checks | EPSS 0.5%
CVE-2024-26138 | MEDIUM | License information is public, exposing instance id and license holder details | EPSS 0.5%
CVE-2024-52300 | CRITICAL | macro-pdfviewer has a XSS through the width parameter | EPSS 0.4%
CVE-2025-27604 | HIGH | XWiki Confluence Migrator Pro's homepage is public | EPSS 0.3%
CVE-2025-65036 | HIGH | XWiki Remote Macros vulnerable to remote code execution using the confluence details summary macro | EPSS 0.3%
CVE-2025-65089 | MEDIUM | XWiki view file macro: User can view content of office file without view rights on the attachment | EPSS 0.3%
CVE-2025-54990 | MEDIUM | XWiki AdminTools application doesn't set permissions on the AdminTools space | EPSS 0.2%
CVE-2025-48885 | MEDIUM | application-urlshortener users can create arbitrary pages as long as they have view access to them | EPSS 0.2%