org.xwiki.platform:xwiki-platform-search-ui

Maven4 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting org.xwiki.platform:xwiki-platform-search-uipage 1 of 1

CVE-2023-50721CRITICALCVSS 9.9EG 9.9✓ Fixed in 15.7-rc-1
2023-12-15
XWiki Platform is a generic wiki platform. Starting in 4.5-rc-1 and prior to versions 14.10.15, 15.5.2, and 15.7-rc-1, the search administration interface doesn't properly escape the id and label of search user interface extensions, allowi…
CVE-2024-31465CRITICALCVSS 9.9EG 9.9✓ Fixed in 15.10-rc-1
2024-04-10
XWiki Platform is a generic wiki platform. Starting in version 5.0-rc-1 and prior to versions 14.10.20, 15.5.4, and 15.9-rc-1, any user with edit right on any page can execute any code on the server by adding an object of type `XWiki.Searc…
CVE-2024-31982CRITICALCVSS 10.0EG 10.0✓ Fixed in 15.10-rc-1
2024-04-10
XWiki Platform is a generic wiki platform. Starting in version 2.4-milestone-1 and prior to versions 4.10.20, 15.5.4, and 15.10-rc-1, XWiki's database search allows remote code execution through the search text. This allows remote code exe…
CVE-2024-37901CRITICALCVSS 9.9EG 9.9✓ Fixed in 15.10.2
2024-07-31
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user with edit right on any page can perform arbitrary remote code execution by adding instances of `XWiki.SearchSuggestConfig` an…

Check whether org.xwiki.platform:xwiki-platform-search-ui is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for org.xwiki.platform:xwiki-platform-search-ui CVEs against the assets you own.

Start Free Scan →