org.xwiki.platform:xwiki-platform-administration-ui (Maven) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the Maven package org.xwiki.platform:xwiki-platform-administration-ui, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (11)
CVE-2024-21650 — CVSS 10.0 (critical): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. XWiki is vulnerable to a remote…
CVE-2023-46731 — CVSS 10.0 (critical): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. XWiki doesn't properly escape the…
CVE-2023-29511 — CVSS 9.9 (critical): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user with edit rights on a…
CVE-2023-29514 — CVSS 9.9 (critical): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user with edit rights on any…
CVE-2023-29510 — CVSS 9.9 (critical): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In XWiki, every user can add…
CVE-2023-50723 — CVSS 9.9 (critical): XWiki Platform is a generic wiki platform. Starting in 2.3 and prior to versions 14.10.15, 15.5.2, and 15.7-rc-1, anyone who can edit an…
CVE-2023-50722 — CVSS 9.6 (critical): XWiki Platform is a generic wiki platform. Starting in 2.3 and prior to versions 14.10.15, 15.5.2, and 15.7-rc-1, there is a reflected XSS…
CVE-2024-55879 — CVSS 9.1 (critical): XWiki Platform is a generic wiki platform. Starting in version 2.3 and prior to versions 15.10.9, 16.3.0, any user with script rights can…
CVE-2022-23616 — CVSS 8.8 (high): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions it's possible…
CVE-2021-32732 — CVSS 7.5 (high): ### Impact It's possible to know if a user has or not an account in a wiki related to an email address, and which username(s) is actually…
CVE-2021-32730 — CVSS 5.7 (medium): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. A cross-site request forgery…