VYPR

Maven package

org.xwiki.platform/xwiki-platform-like-ui

pkg:maven/org.xwiki.platform/xwiki-platform-like-ui

Vulnerabilities (1)

  • CVE-2023-35152Jun 23, 2023
    affected >= 12.9-rc-1, < 14.4.8fixed 14.4.8

    XWiki Platform is a generic wiki platform. Starting in version 12.9-rc-1 and prior to versions 14.4.8, 14.10.6, and 15.1, any logged in user can add dangerous content in their first name field and see it executed with programming rights. Leading to rights escalation. The vulnerab