Exposição de XWiki
Wikis334
score de exposição
39
sites usam
1
em exploração
121
críticos
CVEs
245 resultadosCVE-2023-48241HIGHXWiki exposed whole content of all documents of all wikis to anybody with view right on Solr suggest serviceEPSS 72.8%CVE-2023-32071CRITICALXWiki Platform vulnerable to RXSS via editor parameter - importinline templateEPSS 71.1%CVE-2022-36098HIGHXWiki Platform Mentions UI vulnerable to Cross-site ScriptingEPSS 71.0%CVE-2023-29516CRITICALCode injection from view right on XWiki.AttachmentSelector in xwiki-platformEPSS 65.9%CVE-2023-26475CRITICALXWiki Platform vulnerable to Remote Code Execution in AnnotationsEPSS 64.5%CVE-2022-36094HIGHXWiki Platform Web Parent POM vulnerable to XSS in the attachment historyEPSS 64.1%CVE-2023-35166CRITICALPrivilege escalation (PR) from account through TipsPanelEPSS 63.1%CVE-2022-36096HIGHXWiki Platform vulnerable to Cross-site Scripting in the deleted attachments listEPSS 59.5%CVE-2023-50720MEDIUMXWiki Platform Solr search discloses email addresses of usersEPSS 59.1%CVE-2022-36097HIGHXWiki Platform Attachment UI vulnerable to cross-site scripting in the move attachment formEPSS 57.4%CVE-2023-32068MEDIUMURL Redirection to Untrusted Site in XWikiEPSS 55.1%CVE-2024-31982CRITICALXWiki Platform: Remote code execution as guest via DatabaseSearchEPSS 34.5%CVE-2026-23734CRITICALXWiki Platform: Path traversal via resources parameter in ssx and jsx endpoints when using leading slashEPSS 19.5%CVE-2024-37900MEDIUMXWiki Platform vulnerable to Cross-site Scripting through attachment filename in uploaderEPSS 14.8%CVE-2023-45136CRITICALXWiki Platform web templates vulnerable to reflected XSS in the create document form if name validation is enabledEPSS 5.2%CVE-2024-45591MEDIUMXWiki Platform document history including authors of any page exposed to unauthorized actorsEPSS 3.4%CVE-2022-24819MEDIUMUnauthenticated user can retrieve the list of users through uorgsuggest.vmEPSS 3.2%CVE-2020-15252HIGHRCE in XWikiEPSS 3.2%CVE-2023-35162CRITICALXPlatform Wiki vulnerable to cross-site scripting via xcontinue parameter in preview actions templateEPSS 2.4%CVE-2023-35161CRITICALXWiki Platform vulnerable to reflected cross-site scripting via xredirect parameter in DeleteApplication pageEPSS 2.4%
Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →