VYPR

Maven package

org.xwiki.platform/xwiki-platform-administration

pkg:maven/org.xwiki.platform/xwiki-platform-administration

Vulnerabilities (2)

  • CVE-2023-46731Nov 6, 2023
    affected < 14.10.14fixed 14.10.14

    XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. XWiki doesn't properly escape the section URL parameter that is used in the code for displaying administration sections. This allows any user with read access to the document

  • CVE-2023-29514Apr 18, 2023
    affected >= 3.1-milestone-1

    XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user with edit rights on any document (e.g., their own user profile) can execute code with programming rights, leading to remote code execution. This vulnerability has bee