pkg:Maven/org.xwiki.commons:xwiki-commons-xml

6 total CVEsCRITICAL5MEDIUM1

✅ Check your installed version

All known vulnerabilities

  • CRITICAL9.9CVE-2023-26055XWiki Platform may allow privilege escalation to programming rights via user's first name
    >= 3.1-milestone-1, < 13.10.9
  • CRITICAL9.0CVE-2023-36471org.xwiki.commons:xwiki-commons-xml's HTML sanitizer allows form elements in restricted
    >= 14.6-rc-1, < 14.10.6
  • CRITICAL9.0CVE-2023-31126Improper Neutralization of Invalid Characters in Data Attribute Names in org.xwiki.commons:xwiki-commons-xml
    >= 14.6-rc-1, < 14.10.4
  • CRITICAL9.0CVE-2023-29528Cross-site Scripting in org.xwiki.commons:xwiki-commons-xml
    >= 4.2-milestone-1, < 14.10
  • CRITICAL9.0CVE-2023-29201org.xwiki.commons:xwiki-commons-xml Cross-site Scripting vulnerability
    >= 4.2-milestone-1, < 14.6-rc-1
  • MEDIUM4.9CVE-2022-24898Arbitrary file access through XML parsing in org.xwiki.commons:xwiki-commons-xml
    >= 2.7, < 12.10.10