org.xwiki.platform:xwiki-platform-oldcore
Security Advisories for org.xwiki.platform:xwiki-platform-oldcore in maven
High
about 2 months ago
XWiki exposes passwords and emails stored in fields not named password/email in xml.vm
maven
org.xwiki.platform:xwiki-platform-legacy-oldcore, org.xwiki.platform:xwiki-platform-oldcore
High
about 2 months ago
XWiki leaks password hashes and other accessible password properties
maven
org.xwiki.platform:xwiki-platform-legacy-oldcore, org.xwiki.platform:xwiki-platform-oldcore
High
2 months ago
XWiki Platform vulnerable to SQL injection through XWiki#searchDocuments API
maven
org.xwiki.platform:xwiki-platform-oldcore
High
4 months ago
XWiki allows remote code execution through preview of XClass changes in AWM editor
maven
org.xwiki.platform:xwiki-platform-oldcore
Critical
4 months ago
XWiki allows SQL injection in query endpoint of REST API with Oracle
maven
org.xwiki.platform:xwiki-platform-oldcore
High
5 months ago
org.xwiki.platform:xwiki-platform-oldcore allows SQL injection in short form select requests through the script query API
maven
org.xwiki.platform:xwiki-platform-oldcore
Critical
about 1 year ago
XWiki Platform allows XSS through XClass name in string properties
maven
org.xwiki.platform:xwiki-platform-oldcore
Moderate
about 1 year ago
XWiki Platform vulnerable to document deletion and overwrite from edit
maven
org.xwiki.platform:xwiki-platform-oldcore
Critical
over 1 year ago
XWiki Platform allows remote code execution from user account
maven
org.xwiki.platform:xwiki-platform-oldcore
Critical
over 1 year ago
XWiki Platform remote code execution from account via custom skins support
maven
org.xwiki.platform:xwiki-platform-oldcore
Critical
over 1 year ago
XWiki Platform: Privilege escalation (PR) from user registration through PDFClass
maven
org.xwiki.platform:xwiki-platform-oldcore
Moderate
over 1 year ago
XWiki Platform: Password hash might be leaked by diff once the xobject holding them is deleted
maven
org.xwiki.platform:xwiki-platform-oldcore
High
over 1 year ago
XWiki has no right protection on rollback action
maven
org.xwiki.platform:xwiki-platform, org.xwiki.platform:xwiki-platform-oldcore
High
almost 2 years ago
XWiki Platform vulnerable to privilege escalation and remote code execution via the edit action
maven
org.xwiki.platform:xwiki-platform-oldcore
Critical
almost 2 years ago
XWiki Platform vulnerable to remote code execution via the edit action because it lacks CSRF token
maven
org.xwiki.platform:xwiki-platform-oldcore
Moderate
almost 2 years ago
org.xwiki.platform:xwiki-platform-oldcore may leak data through deleted and re-created documents
maven
org.xwiki.platform:xwiki-platform-oldcore
Moderate
about 2 years ago
Velocity execution without script right through VelocityCode and VelocityWiki property
maven
org.xwiki.platform:xwiki-platform-oldcore
High
about 2 years ago
XWiki Platform vulnerable to CSRF privilege escalation/RCE via the create action
maven
org.xwiki.platform:xwiki-platform-oldcore
Critical
over 2 years ago
Upgrading doesn't prevent exploiting vulnerable XWiki documents
maven
org.xwiki.platform:xwiki-platform-oldcore
High
over 2 years ago
XWiki Platform vulnerable to reflected cross-site scripting via delattachment action
maven
org.xwiki.platform:xwiki-platform-oldcore
Moderate
over 2 years ago
org.xwiki.platform:xwiki-platform-oldcore Open Redirect vulnerability
maven
org.xwiki.platform:xwiki-platform-oldcore
Critical
over 2 years ago
XWiki Platform's async and display macro allow displaying and interacting with any document in restricted mode
maven
org.xwiki.platform:xwiki-platform-rendering-async-macro, org.xwiki.platform:xwiki-platform-oldcore
Critical
over 2 years ago
XWiki Platform vulnerable to code injection in display method used in user profiles
maven
org.xwiki.platform:xwiki-platform-oldcore
Moderate
over 2 years ago
org.xwiki.platform:xwiki-platform-oldcore Open Redirect vulnerability
maven
org.xwiki.platform:xwiki-platform-oldcore
Critical
over 2 years ago
org.xwiki.platform:xwiki-platform-oldcore makes Incorrect Use of Privileged APIs with DocumentAuthors
maven
org.xwiki.platform:xwiki-platform-oldcore
High
over 2 years ago
org.xwiki.platform:xwiki-platform-oldcore vulnerable to data leak through deleted documents
maven
org.xwiki.platform:xwiki-platform-oldcore
Moderate
over 2 years ago
XWiki Platform subject to Uncontrolled Resource Consumption
maven
org.xwiki.platform:xwiki-platform-oldcore
Critical
over 2 years ago
XWiki Platform vulnerable to privilege escalation via properties with wiki syntax that are executed with wrong author
maven
org.xwiki.platform:xwiki-platform-legacy-oldcore, org.xwiki.platform:xwiki-platform-oldcore
High
almost 3 years ago
Creation of new database tables through login form on PostgreSQL
maven
org.xwiki.platform:xwiki-platform-oldcore
Moderate
almost 3 years ago
Missing Authorization in User#setDisabledStatus in org.xwiki.platform:xwiki-platform-oldcore
maven
org.xwiki.platform:xwiki-platform-oldcore
High
about 3 years ago
XWiki.WebHome vulnerable to Improper Privilege Management in XWiki resolving groups
maven
org.xwiki.platform:xwiki-platform-oldcore
High
about 3 years ago
XWiki Platform Improper Authorization check for inactive users
maven
org.xwiki.platform:xwiki-platform-oldcore
High
about 3 years ago
XWiki Platform Old Core vulnerable to Authentication Bypass Using the Login Action
maven
org.xwiki.platform:xwiki-platform-oldcore
Low
over 3 years ago
Path Traversal in XWiki Platform
maven
org.xwiki.platform:xwiki-platform-oldcore
Moderate
over 3 years ago
XWiki Remote Code Execution
maven
org.xwiki.platform:xwiki-platform-oldcore
Moderate
over 3 years ago
Cross-site Scripting by SVG upload in xwiki-platform
maven
org.xwiki.platform:xwiki-platform-tool-configuration-resources, org.xwiki.platform:xwiki-platform-oldcore
Moderate
over 3 years ago
Missing authorization in xwiki-platform
maven
org.xwiki.platform:xwiki-platform-oldcore
Moderate
over 3 years ago
URL Redirection to Untrusted Site ('Open Redirect')
maven
org.xwiki.platform:xwiki-platform-oldcore
Moderate
over 3 years ago
Missing authorization in xwiki-platform
maven
org.xwiki.platform:xwiki-platform-oldcore
Moderate
over 3 years ago
Partial authorization bypass on document save in xwiki-platform
maven
org.xwiki.platform:xwiki-platform-oldcore
Critical
over 4 years ago
XSS Cross Site Scripting
maven
org.xwiki.platform:xwiki-platform-web, org.xwiki.platform:xwiki-platform-oldcore
Low
about 5 years ago
Users with SCRIPT right can execute arbitrary code in XWiki
maven
org.xwiki.platform:xwiki-platform-oldcore