org.xwiki.platform:xwiki-platform-attachment-ui (Maven) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the Maven package org.xwiki.platform:xwiki-platform-attachment-ui, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (4)
CVE-2022-41928 — CVSS 9.9 (critical): XWiki Platform vulnerable to Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') in…
CVE-2023-29516 — CVSS 9.9 (critical): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user with view rights on…
CVE-2023-29519 — CVSS 9.0 (critical): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. A registered user can perform…
CVE-2022-36097 — CVSS 8.9 (high): XWiki Platform Attachment UI provides a macro to easily upload and select attachments for XWiki Platform, a generic wiki platform. Starting…