all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

CVE-2023-35150: Arbitrary Code Injection in XWiki.org XWiki

Add to bookmarks
Aug. 23, 2023, 3:46 p.m. | Trend Micro Research Team

Zero Day Initiative - Blog www.zerodayinitiative.com

In this excerpt of a Trend Micro Vulnerability Research Service vulnerability report, Simon Humbert and Lucas Miller of the Trend Micro Research Team detail a recently patched remote code execution vulnerability in the XWiki free wiki software platform. This bug was originally discovered by Michael Hamann with public Proof-of-Concept (PoC) code provided by Manuel Leduc. Successful exploitation of this vulnerability would allow an authenticated attacker to perform an arbitrary code injection on affected systems. The following is a portion of …

blog post bug code code execution code injection concept cve free injection michael micro miller org platform poc proof proof-of-concept public remote code remote code execution report research service software software platform team trend trend micro vulnerability vulnerability research wiki

Visit resource

More from www.zerodayinitiative.com / Zero Day Initiative - Blog

CVE-2024-20697: Windows Libarchive Remote Code Execution Vulnerability 2 weeks, 1 day ago | www.zerodayinitiative.com
amp blog post bug code +25
The April 2024 Security Updates Review 3 weeks, 1 day ago | www.zerodayinitiative.com
adobe april blog post can +12
Pwn2Own Vancouver 2024 - Day Two Results 1 month, 1 week ago | www.zerodayinitiative.com
blog post chrome edge event +10
Pwn2Own Vancouver 2024 - Day One Results 1 month, 1 week ago | www.zerodayinitiative.com
blog blog post browser day one +11
Pwn2Own Vancouver 2024 - The Full Schedule 1 month, 1 week ago | www.zerodayinitiative.com
blog post
The March 2024 Security Update Review 1 month, 2 weeks ago | www.zerodayinitiative.com
adobe blog post can check +14
CVE-2023-36049: Microsoft .NET CRLF Injection Arbitrary File Write/Deletion Vulnerability 1 month, 3 weeks ago | www.zerodayinitiative.com
arbitrary file write blog post bug crlf injection +26
The February 2024 Security Update Review 2 months, 2 weeks ago | www.zerodayinitiative.com
adobe blog post february latest +11
CVE-2023-46263: Ivanti Avalanche Arbitrary File Upload Vulnerability 2 months, 3 weeks ago | www.zerodayinitiative.com
avalanche blog post code code execution +32

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Associate Manager, BPT Infrastructure & Ops (Security Engineer)

@ SC Johnson | PHL - Makati
View on infosec-jobs.com

Cybersecurity Analyst - Project Bound

@ NextEra Energy | Jupiter, FL, US, 33478
View on infosec-jobs.com

Lead Cyber Security Operations Center (SOC) Analyst

@ State Street | Quincy, Massachusetts
View on infosec-jobs.com

Junior Information Security Coordinator (Internship)

@ Garrison Technology | London, Waterloo, England, United Kingdom
View on infosec-jobs.com

Sr. Security Engineer

@ ScienceLogic | Reston, VA
View on infosec-jobs.com
View more jobs