Security

SECURITY.md

Security Policy

XWiki security policy is detailed on the following document: https://dev.xwiki.org/xwiki/bin/view/Community/SecurityPolicy/.

Exposed Dangerous Method or Function in org.xwiki.platform:xwiki-platform-store-filesystem-oldcore
GHSA-8692-g6g9-gm5p published Mar 1, 2023 by manuelleduc

Moderate
Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') in org.xwiki.platform:xwiki-platform-flamingo-theme-ui
GHSA-x2qm-r4wx-8gpg published Mar 1, 2023 by manuelleduc

Critical
Macro execution as any user without programming rights through the context macro
GHSA-859x-p6jp-rc2w published Mar 1, 2023 by tmortagne

Moderate
Multiple instances of stored cross-site scripting (XSS) via HTML and raw macro
GHSA-vxf7-mx22-jr24 published Apr 12, 2023 by tmortagne

Critical
URL Redirection to Untrusted Site ('Open Redirect') in org.xwiki.platform:xwiki-platform-oldcore
GHSA-xwph-x6xj-wggv published Apr 12, 2023 by tmortagne

Moderate
Unauthenticated user can have information about hidden users on subwikis through uorgsuggest.vm
GHSA-vvp7-r422-rx83 published Apr 12, 2023 by tmortagne

Low
Exposure of Sensitive Information to an Unauthorized Actor in org.xwiki.platform:xwiki-platform-livetable-ui,org.xwiki.platform:xwiki-platform-wiki-ui-mainwiki
GHSA-5cf8-vrr8-8hjm published Mar 1, 2023 by manuelleduc

High
Exposure of Private Personal Information to an Unauthorized Actor in org.xwiki.platform:xwiki-platform-rest-server
GHSA-p88w-fhxw-xvcc published Nov 21, 2022 by surli

Moderate
Exposure of Sensitive Information to an Unauthorized Actor in org.xwiki.platform:xwiki-platform-livetable-ui
GHSA-p2x4-6ghr-6vmq published Nov 21, 2022 by surli

Moderate
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in org.xwiki.platform:xwiki-platform-rendering-macro-rss
GHSA-c885-89fw-55qr published Apr 12, 2023 by tmortagne

Critical

Learn more about advisories related to xwiki/xwiki-platform in the GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Security

SECURITY.md

Security Policy

Security: xwiki/xwiki-platform

Security

SECURITY.md

Security Policy