VYPR

Maven package

org.xwiki.platform/xwiki-platform-help-ui

pkg:maven/org.xwiki.platform/xwiki-platform-help-ui

Vulnerabilities (2)

  • CVE-2024-55877Dec 12, 2024
    affected >= 9.7-rc-1, < 15.10.11fixed 15.10.11

    XWiki Platform is a generic wiki platform. Starting in version 9.7-rc-1 and prior to versions 15.10.11, 16.4.1, and 16.5.0, any user with an account can perform arbitrary remote code execution by adding instances of `XWiki.WikiMacroClass` to any page. This compromises the confide

  • CVE-2023-35166Jun 20, 2023
    affected >= 8.1-milestone-1, < 14.10.5fixed 14.10.5

    XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. It's possible to execute any wiki content with the right of the TipsPanel author by creating a tip UI extension. This has been patched in XWiki 15.1-rc-1 and 14.10.5.