pkg:Maven/org.xwiki.platform:xwiki-platform-administration-ui

11 total CVEsCRITICAL8HIGH2MEDIUM1

✅ Check your installed version

All known vulnerabilities

  • CRITICAL10.0CVE-2024-21650XWiki Remote Code Execution Vulnerability via User Registration
    >= 2.2, < 14.10.17
  • CRITICAL10.0CVE-2023-46731XWiki Platform vulnerable to remote code execution through the section parameter in Administration as guest
    from 0, < 14.10.14
  • CRITICAL9.9CVE-2023-50723Remote code execution/programming rights with configuration section from any user account
    >= 2.3, < 14.10.15
  • CRITICAL9.9CVE-2023-29514XWiki vulnerable to Code Injection in template provider administration
    >= 4.2-milestone-1, < 13.10.11
  • CRITICAL9.9CVE-2023-29510Code injection via unescaped translations in xwiki-platform
    >= 4.3-milestone-2, < 14.10.2
  • CRITICAL9.9CVE-2023-29511xwiki-platform-administration-ui vulnerable to privilege escalation
    >= 1.5M2, < 13.10.11
  • CRITICAL9.6CVE-2023-50722XSS/CSRF Remote Code Execution in XWiki.ConfigurableClass
    >= 2.3, < 14.10.15
  • CRITICAL9.1CVE-2024-55879XWiki allows RCE from script right in configurable sections
    >= 2.3, < 15.10.9
  • HIGH8.8CVE-2022-23616Remote code execution in xwiki-platform
    >= 3.1-milestone-1, < 13.1RC1
  • HIGH7.5CVE-2021-32732Cross-Site Request Forgery in xwiki-platform
    from 0, < 12.10.5
  • MEDIUM5.7CVE-2021-32730No CSRF protection on the password change form
    from 0, < 12.10.5