Maven package
org.xwiki.platform/xwiki-platform-menu-ui
pkg:maven/org.xwiki.platform/xwiki-platform-menu-ui
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-37909 | — | >= 5.1-rc-1, < 14.10.8 | 14.10.8 | Oct 25, 2023 | XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Starting in version 5.1-rc-1 and prior to versions 14.10.8 and 15.3-rc-1, any user who can edit their own user profile can execute arbitrary script macros including Groovy and | ||
| CVE-2022-41934 | — | < 13.10.8 | 13.10.8 | Nov 23, 2022 | XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user with view rights on commonly accessible documents including the menu macro can execute arbitrary Groovy, Python or Velocity code in XWiki leading to full access to th |
- CVE-2023-37909Oct 25, 2023affected >= 5.1-rc-1, < 14.10.8fixed 14.10.8
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Starting in version 5.1-rc-1 and prior to versions 14.10.8 and 15.3-rc-1, any user who can edit their own user profile can execute arbitrary script macros including Groovy and
- CVE-2022-41934Nov 23, 2022affected < 13.10.8fixed 13.10.8
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user with view rights on commonly accessible documents including the menu macro can execute arbitrary Groovy, Python or Velocity code in XWiki leading to full access to th