Maven package
org.xwiki.platform/xwiki-platform-uiextension-api
pkg:maven/org.xwiki.platform/xwiki-platform-uiextension-api
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-31997 | — | < 14.10.19 | 14.10.19 | Apr 10, 2024 | XWiki Platform is a generic wiki platform. Prior to versions 4.10.19, 15.5.4, and 15.10-rc-1, parameters of UI extensions are always interpreted as Velocity code and executed with programming rights. Any user with edit right on any document like the user's own profile can create |
- CVE-2024-31997Apr 10, 2024affected < 14.10.19fixed 14.10.19
XWiki Platform is a generic wiki platform. Prior to versions 4.10.19, 15.5.4, and 15.10-rc-1, parameters of UI extensions are always interpreted as Velocity code and executed with programming rights. Any user with edit right on any document like the user's own profile can create