pkg:Maven/org.xwiki.platform:xwiki-platform-attachment-ui

4 total CVEsCRITICAL2HIGH2

✅ Check your installed version

All known vulnerabilities

  • CRITICAL9.9CVE-2023-29516XWiki Platform vulnerable to privilege escalation from view right on XWiki.AttachmentSelector
    >= 2.0-rc-2, < 13.10.11
  • CRITICAL9.9CVE-2022-41928Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') in AttachmentSelector.xml
    >= 5.0-milestone-1, < 13.10.7
  • HIGH8.9CVE-2022-36097XWiki Platform Attachment UI vulnerable to cross-site scripting in the move attachment form
    >= 14.0-rc-1, < 14.4-rc-1
  • HIGH8.8CVE-2023-29519org.xwiki.platform:xwiki-platform-attachment-ui vulnerable to Code Injection
    >= 3.0-rc-1, < 13.10.11