Exposição de XWiki
Wikis334
score de exposição
39
sites usam
1
em exploração
121
críticos
CVEs
245 resultadosCVE-2025-55748CRITICALXWiki Platform's configuration files can be accessed through jsx and sx endpointsEPSS 1.6%CVE-2023-37909CRITICALPrivilege escalation (PR)/remote code execution from account through Menu.UIExtensionSheetEPSS 1.6%CVE-2023-36468CRITICALUpgrading doesn't prevent exploiting vulnerable XWiki documentsEPSS 1.6%CVE-2024-41947CRITICALXWiki Platform XSS through conflict resolutionEPSS 1.6%CVE-2024-55877CRITICALXWiki allows remote code execution from account through macro descriptions and XWiki.XWikiSyntaxMacrosListEPSS 1.6%CVE-2025-55747CRITICALXWiki Platform's configuration files can be accessed through the webjars APIEPSS 1.6%CVE-2023-37914CRITICALPrivilege escalation (PR)/RCE from account through Invitation subject/messageEPSS 1.5%CVE-2023-35155HIGHXWiki Platform vulnerable to cross-site scripting in target parameter via share page by emailEPSS 1.5%CVE-2024-31981CRITICALXWiki Platform: Privilege escalation (PR) from user registration through PDFClassEPSS 1.4%CVE-2024-31983CRITICALXWiki Platform: Remote code execution from edit in multilingual wikis via translationsEPSS 1.4%CVE-2024-31987CRITICALXWiki Platform remote code execution from account via custom skins supportEPSS 1.4%CVE-2022-24897HIGHArbitrary filesystem write access from VelocityEPSS 1.4%CVE-2022-24898MEDIUMArbitrary file access through XML parsing in org.xwiki.commons:xwiki-commons-xmlEPSS 1.4%CVE-2023-29202CRITICALorg.xwiki.platform:xwiki-platform-rendering-macro-rss Cross-site Scripting vulnerabilityEPSS 1.4%CVE-2023-29207HIGHImproper Neutralization of Script-Related HTML Tags (XSS) in the LiveTable MacroEPSS 1.4%CVE-2025-55749HIGHThe XWiki Jetty package (XJetty) allows accessing any application file through URLEPSS 1.4%CVE-2021-21380HIGHRating Script Service expose XWiki to SQL injectionEPSS 1.3%CVE-2020-15171MEDIUMUsers with SCRIPT rights can execute arbitrary code in XWikiEPSS 1.3%CVE-2023-29528CRITICALCross-site Scripting in org.xwiki.commons:xwiki-commons-xmlEPSS 1.3%CVE-2022-29251HIGHCross-site Scripting in the Flamingo theme managerEPSS 1.3%
Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →