VYPR

Maven package

org.xwiki.platform/xwiki-platform-vfs-ui

pkg:maven/org.xwiki.platform/xwiki-platform-vfs-ui

Vulnerabilities (1)

  • CVE-2023-29521Apr 18, 2023
    affected >= 7.4-milestone-2, < 13.10.11fixed 13.10.11

    XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user with view rights can execute arbitrary Groovy, Python or Velocity code in XWiki leading to full access to the XWiki installation. The root cause is improper escaping