Maven package
org.xwiki.platform/xwiki-platform-tag-ui
pkg:maven/org.xwiki.platform/xwiki-platform-tag-ui
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-41927 | — | >= 3.2-milestone-2, < 13.10.7 | 13.10.7 | Nov 23, 2022 | XWiki Platform is vulnerable to Cross-Site Request Forgery (CSRF) that may allow attackers to delete or rename tags without needing any confirmation. The problem has been patched in XWiki 13.10.7, 14.4.1 and 14.5RC1. Workarounds: It's possible to patch existing instances directly | ||
| CVE-2022-36100 | — | < 13.10.6 | 13.10.6 | Sep 8, 2022 | XWiki Platform Applications Tag and XWiki Platform Tag UI are tag applications for XWiki, a generic wiki platform. Starting with version 1.7 in XWiki Platform Applications Tag and prior to 13.10.6 and 14.4 in XWiki Platform Tag UI, the tags document `Main.Tags` in XWiki didn't sa |
- CVE-2022-41927Nov 23, 2022affected >= 3.2-milestone-2, < 13.10.7fixed 13.10.7
XWiki Platform is vulnerable to Cross-Site Request Forgery (CSRF) that may allow attackers to delete or rename tags without needing any confirmation. The problem has been patched in XWiki 13.10.7, 14.4.1 and 14.5RC1. Workarounds: It's possible to patch existing instances directly
- CVE-2022-36100Sep 8, 2022affected < 13.10.6fixed 13.10.6
XWiki Platform Applications Tag and XWiki Platform Tag UI are tag applications for XWiki, a generic wiki platform. Starting with version 1.7 in XWiki Platform Applications Tag and prior to 13.10.6 and 14.4 in XWiki Platform Tag UI, the tags document `Main.Tags` in XWiki didn't sa