Exposição de XWiki
Wikis334
score de exposição
39
sites usam
1
em exploração
121
críticos
CVEs
245 resultadosCVE-2023-31126CRITICALImproper Neutralization of Invalid Characters in Data Attribute Names in org.xwiki.commons:xwiki-commons-xmlEPSS 0.8%CVE-2022-41930HIGHorg.xwiki.platform:xwiki-platform-user-profile-ui missing authorization to enable or disable usersEPSS 0.8%CVE-2022-36092HIGHXWiki Platform Old Core vulnerable to Authentication Bypass Using the Login ActionEPSS 0.8%CVE-2022-24821MEDIUMIncorrect Use of Privileged APIs in org.xwiki.platform.skin.skinxEPSS 0.8%CVE-2023-46244CRITICALPrivilege escalation in Xwiki platformEPSS 0.8%CVE-2023-26474CRITICALXWiki Platform vulnerable to privilege escalation via properties with wiki syntax that are executed with wrong authorEPSS 0.8%CVE-2022-23618MEDIUMOpen Redirect in xwiki-platformEPSS 0.8%CVE-2025-48063MEDIUMXWiki Platform Security Authorization Bridge allows users with just edit right can enforce required rights with programming rightEPSS 0.8%CVE-2023-32069CRITICALXWiki Platform privilege escalation (PR)/RCE from account through class sheetEPSS 0.8%CVE-2022-41935MEDIUMExposure of Sensitive Information to an Unauthorized Actor in org.xwiki.platform:xwiki-platform-livetable-uiEPSS 0.8%CVE-2023-36477CRITICALPersistent Cross-site Scripting (XSS) through CKEditor Configuration pages in XWiki PlatformEPSS 0.8%CVE-2023-37911MEDIUMorg.xwiki.platform:xwiki-platform-oldcore may leak data through deleted and re-created documentsEPSS 0.8%CVE-2024-55662CRITICALXWiki allows remote code execution through the extension sheetEPSS 0.7%CVE-2023-27480HIGHData leak through a XAR import XXE attack in xwiki-platform-xar-modelEPSS 0.7%CVE-2023-35153CRITICALXWiki Platform vulnerable to stored cross-site scripting in ClassEditSheet page via name parametersEPSS 0.7%CVE-2022-41937CRITICALMissing Authorization in XWiki PlatformEPSS 0.7%CVE-2022-41936MEDIUMExposure of Private Personal Information to an Unauthorized Actor in xwiki-platform-rest-serverEPSS 0.7%CVE-2023-35151HIGHXWiki Platform may show email addresses in clear in REST resultsEPSS 0.7%CVE-2024-55663HIGHXWiki Platform has an SQL injection in getdocuments.vm with sort parameterEPSS 0.7%CVE-2023-34464CRITICALXWiki vulnerable to stored cross-site scripting via any wiki document and the displaycontent/rendercontent templateEPSS 0.7%
Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →