Maven package
org.xwiki.platform/xwiki-platform
pkg:maven/org.xwiki.platform/xwiki-platform
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-21648 | — | >= 15.0-rc-1, < 15.5.3 | 15.5.3 | Jan 8, 2024 | XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. The rollback action is missing a right protection, a user can rollback to a previous version of the page to gain rights they don't have anymore. The problem has been patched i | ||
| CVE-2018-16277 | — | <= 10.7 | — | Sep 28, 2018 | The Image Import function in XWiki through 10.7 has XSS. |
- CVE-2024-21648Jan 8, 2024affected >= 15.0-rc-1, < 15.5.3fixed 15.5.3
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. The rollback action is missing a right protection, a user can rollback to a previous version of the page to gain rights they don't have anymore. The problem has been patched i
- CVE-2018-16277Sep 28, 2018affected <= 10.7
The Image Import function in XWiki through 10.7 has XSS.