Xwiki Rendering
By the Year
In 2023 there have been 1 vulnerability in Xwiki Rendering with an average score of 6.1 out of ten. Rendering did not have any published security vulnerabilities last year. That is, 1 more vulnerability have already been reported in 2023 as compared to last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2023 | 1 | 6.10 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Rendering vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Xwiki Rendering Security Vulnerabilities
XWiki Platform is a generic wiki platform
CVE-2023-32070
6.1 - Medium
- May 10, 2023
XWiki Platform is a generic wiki platform. Prior to version 14.6-rc-1, HTML rendering didn't check for dangerous attributes/attribute values. This allowed cross-site scripting (XSS) attacks via attributes and link URLs, e.g., supported in XWiki syntax. This has been patched in XWiki 14.6-rc-1. There are no known workarounds apart from upgrading to a fixed version.
XSS
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Xwiki Rendering or by Xwiki? Click the Watch button to subscribe.
