Maven package
org.xwiki.platform/xwiki-platform-web-war
pkg:maven/org.xwiki.platform/xwiki-platform-web-war
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-37900 | — | >= 4.2-milestone-3, < 14.10.21 | 14.10.21 | Jul 31, 2024 | XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. When uploading an attachment with a malicious filename, malicious JavaScript code could be executed. This requires a social engineering attack to get the victim into uploading |
- CVE-2024-37900Jul 31, 2024affected >= 4.2-milestone-3, < 14.10.21fixed 14.10.21
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. When uploading an attachment with a malicious filename, malicious JavaScript code could be executed. This requires a social engineering attack to get the victim into uploading