all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

CVE-2023-29519 (xwiki)

Add to bookmarks
April 19, 2023, 12:15 a.m. |

National Vulnerability Database web.nvd.nist.gov

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. A registered user can perform remote code execution leading to privilege escalation by injecting the proper code in the "property" field of an attachment selector, as a gadget of their own dashboard. Note that the vulnerability does not impact comments of a wiki. The vulnerability has been patched in XWiki 13.10.11, 14.4.8, 14.10.2, 15.0-rc-1. Users are advised to upgrade. There are no known …

applications attachment code code execution comments cve dashboard escalation gadget impact own platform privilege privilege escalation remote code remote code execution runtime services upgrade vulnerability wiki

Visit resource

More from web.nvd.nist.gov / National Vulnerability Database

CVE-2023-45955 (lightstrip_firmware) 5 months, 3 weeks ago | web.nvd.nist.gov
attackers cve denial of service issue +1
CVE-2023-40101 (android) 5 months, 3 weeks ago | web.nvd.nist.gov
android check collapse cve +7
CVE-2023-21377 (android) 5 months, 3 weeks ago | web.nvd.nist.gov
android bypass cve disclosure +8
CVE-2023-21380 (android) 5 months, 3 weeks ago | web.nvd.nist.gov
android bluetooth buffer buffer overflow +9
CVE-2023-21382 (android) 5 months, 3 weeks ago | web.nvd.nist.gov
access android check cve +11
CVE-2023-21381 (android) 5 months, 3 weeks ago | web.nvd.nist.gov
android arbitrary code code code execution +10
CVE-2023-21385 (android) 5 months, 3 weeks ago | web.nvd.nist.gov
android corruption cve disclosure +7
CVE-2023-21387 (android) 5 months, 3 weeks ago | web.nvd.nist.gov
android backup bypass cve +11
CVE-2023-21389 (android) 5 months, 3 weeks ago | web.nvd.nist.gov
android bypass check cve +10

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Security Operations Analyst

@ Astranis | San Francisco
View on infosec-jobs.com

Manager - Business continuity Security and Safety.Risk and Compliance

@ MTN | Benin
View on infosec-jobs.com

Cyber Analyst, Digital Forensics Incident Response

@ At-Bay | Canada
View on infosec-jobs.com

Technical Product Manager, AppSec and DevSecOps

@ Penn Interactive | Philadelphia
View on infosec-jobs.com

Experienced Cloud Security Engineer (m/f/d) - Cybersecurity

@ MediaMarktSaturn | Barcelona, ES, 8003
View on infosec-jobs.com
View more jobs