Exposição de XWiki
Wikis334
score de exposição
39
sites usam
1
em exploração
121
críticos
CVEs
245 resultadosCVE-2022-41929MEDIUMMissing Authorization in User#setDisabledStatus in org.xwiki.platform:xwiki-platform-oldcoreEPSS 0.7%CVE-2023-48240CRITICALXWiki Platform sends cookies to external images in rendered diff and is vulnerable to server side request forgeryEPSS 0.7%CVE-2025-49582HIGHXWiki's required right warnings for macros are incompleteEPSS 0.7%CVE-2024-31988CRITICALXWiki Platform CSRF remote code execution through the realtime HTML Converter APIEPSS 0.7%CVE-2024-37899CRITICALDisabling a user account changes its author, allowing RCE from user account in XWikiEPSS 0.7%CVE-2023-29203LOWUnauthenticated user can have information about hidden users on subwikis through uorgsuggest.vm EPSS 0.7%CVE-2022-36091HIGHXWiki Platform Web Templates vulnerable to Missing Authorization and Exposure of Private Personal Information to an Unauthorized ActorEPSS 0.7%CVE-2022-23615MEDIUMPartial authorization bypass on document save in xwiki-platformEPSS 0.7%CVE-2023-29513MEDIUMUsers can be created even when registration is disabled without validation via the template macro in xwiki-platformEPSS 0.7%CVE-2023-26480HIGHXWiki-Platform vulnerable to stored Cross-site Scripting via the HTML displayer in Live DataEPSS 0.7%CVE-2023-26478MEDIUMorg.xwiki.platform:xwiki-platform-store-filesystem-oldcore has Exposed Dangerous Method or FunctionEPSS 0.7%CVE-2022-36093HIGHXWiki Platform Web Templates vulnerable to Unauthorized User Registration Through the Distribution WizardEPSS 0.7%CVE-2023-38509MEDIUMXWiki Platform's obfuscated email addresses should not be sortedEPSS 0.7%CVE-2023-50722CRITICALXWiki Platform XSS/CSRF Remote Code Execution in XWiki.ConfigurableClassEPSS 0.7%CVE-2023-32070CRITICALImproper Neutralization of Script in Attributes in XWiki (X)HTML renderersEPSS 0.7%CVE-2022-31167HIGHXWiki Platform Security Parent POM vulnerable to overwriting of security rules of a page with a final page having the same referenceEPSS 0.6%CVE-2024-43401CRITICALIn XWiki Platform, payloads stored in content is executed when a user with script/programming right edit themEPSS 0.6%CVE-2023-26473MEDIUMXWiki Platform allows unprivileged users to make arbitrary select queries using DatabaseListProperty and suggest.vmEPSS 0.6%CVE-2024-21651HIGHXWiki Denial of Service attack through attachmentsEPSS 0.6%CVE-2023-35157HIGHXWiki Platform vulnerable to reflected cross-site scripting via delattachment actionEPSS 0.6%
Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →