xwiki - CVE CyberSecurity Database News (Page 2)

Apr 16, 2023 API Exploit xwiki xwiki-platform

CVE-2023-29507 - How XWiki’s DocumentAuthors API Opened the Door to Script Execution Attacks

XWiki is a popular open-source platform for creating collaborative knowledge bases and wikis. Many major industries rely on it—including education, research, and software development.

Apr 16, 2023 Exploit xwiki xwiki-platform

CVE-2023-29214 - How XWiki Commons Allowed Any Editor to Run Arbitrary Code (with Exploit, Details, and Patch Info)

In June 2023, a critical security flaw—CVE-2023-29214—was revealed in XWiki Commons, a core set of libraries used across many XWiki projects. This vulnerability

Apr 16, 2023 xwiki xwiki-platform

CVE-2023-29506 - Code Injection in XWiki Commons Endpoint URLs – What You Need to Know

Recently, a serious security vulnerability was found in XWiki Commons, a set of technical libraries used by several big XWiki projects. This flaw, tracked as

Apr 15, 2023 RCE Exploit xwiki xwiki-platform

CVE-2023-29209 - Unlocking XWiki With Just View Rights — Full Exploit Analysis, Code, and Defense

CVE-2023-29209 is a serious vulnerability that struck XWiki, an open-source enterprise wiki platform, exposing installations to severe remote code execution (RCE) risks. Discovered in the

Apr 15, 2023 CSS Exploit xwiki xwiki-platform

CVE-2023-29206 - Understanding the XWiki Commons Script Execution Vulnerability

*Published: June 2024* Introduction If you use XWiki – or manage any knowledge system built on it – you should pay close attention to CVE-2023-29206. This vulnerability