org.xwiki.platform:xwiki-platform-invitation-ui

Maven3 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting org.xwiki.platform:xwiki-platform-invitation-uipage 1 of 1

CVE-2023-29518CRITICALCVSS 9.9EG 9.9✓ Fixed in 14.10.1
2023-04-19
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user with view rights can execute arbitrary Groovy, Python or Velocity code in XWiki leading to full access to the XWiki installat…
CVE-2023-35150CRITICALCVSS 9.9EG 9.9✓ Fixed in 15.0
2023-06-23
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Starting in version 2.40m-2 and prior to versions 14.4.8, 14.10.4, and 15.0, any user with view rights on any document can execute cod…
CVE-2023-37914CRITICALCVSS 9.9EG 9.9✓ Fixed in 15.2-rc-1
2023-08-17
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user who can view `Invitation.WebHome` can execute arbitrary script macros including Groovy and Python macros that allow remote co…

Check whether org.xwiki.platform:xwiki-platform-invitation-ui is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for org.xwiki.platform:xwiki-platform-invitation-ui CVEs against the assets you own.

Start Free Scan →