Rendering Xwiki Rendering

Do you want an email whenever new security vulnerabilities are reported in Xwiki Rendering?

By the Year

In 2023 there have been 1 vulnerability in Xwiki Rendering with an average score of 6.1 out of ten. Rendering did not have any published security vulnerabilities last year. That is, 1 more vulnerability have already been reported in 2023 as compared to last year.

Year Vulnerabilities Average Score
2023 1 6.10
2022 0 0.00
2021 0 0.00
2020 0 0.00
2019 0 0.00
2018 0 0.00

It may take a day or so for new Rendering vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Xwiki Rendering Security Vulnerabilities

XWiki Platform is a generic wiki platform

CVE-2023-32070 6.1 - Medium - May 10, 2023

XWiki Platform is a generic wiki platform. Prior to version 14.6-rc-1, HTML rendering didn't check for dangerous attributes/attribute values. This allowed cross-site scripting (XSS) attacks via attributes and link URLs, e.g., supported in XWiki syntax. This has been patched in XWiki 14.6-rc-1. There are no known workarounds apart from upgrading to a fixed version.


Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Xwiki Rendering or by Xwiki? Click the Watch button to subscribe.