pkg:maven/org.xwiki.platform/xwiki-platform-rest-server
Type
maven
Namespace
org.xwiki.platform
Name
xwiki-platform-rest-server
Known advisories, vulnerabilities and fixes for org.xwiki.platform/xwiki-platform-rest-server package.
Critical
1
High
1
Moderate
2
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | >= 15.0-rc-1, < 15.2 >= 1.8, < 14.10.8 |
CVE-2023-37277
|
MAVEN:GHSA-6XXR-648M-GCH6 | XWiki Platform vulnerable to cross-site request forgery (CSRF) via the REST API | critical |
2023-07-10T21:53:12
(14 months ago) |
|
Fixed | = 15.2 = 14.10.8 |
CVE-2023-37277
|
MAVEN:GHSA-6XXR-648M-GCH6 | XWiki Platform vulnerable to cross-site request forgery (CSRF) via the REST API | critical |
2023-07-10T21:53:12
(14 months ago) |
|
Affected | >= 15.0-rc-1, < 15.1 >= 14.5, < 14.10.6 >= 7.3-milestone-1, < 14.4.8 |
CVE-2023-35151
|
MAVEN:GHSA-8G9C-C9CM-9C56 | XWiki Platform may show email addresses in clear in REST results | high |
2023-06-20T16:46:29
(15 months ago) |
|
Fixed | = 15.1 = 14.10.6 = 14.4.8 |
CVE-2023-35151
|
MAVEN:GHSA-8G9C-C9CM-9C56 | XWiki Platform may show email addresses in clear in REST results | high |
2023-06-20T16:46:29
(15 months ago) |
|
Affected | >= 14.5.0, < 14.6 >= 14.0.0, < 14.4.3 >= 8.1, < 13.10.8 |
CVE-2022-41936
|
MAVEN:GHSA-P88W-FHXW-XVCC | Exposure of Private Personal Information to an Unauthorized Actor in org.xwiki.platform:xwiki-platform-rest-server | moderate |
2022-11-21T23:25:00
(22 months ago) |
|
Fixed | = 14.6 = 14.4.3 = 13.10.8 |
CVE-2022-41936
|
MAVEN:GHSA-P88W-FHXW-XVCC | Exposure of Private Personal Information to an Unauthorized Actor in org.xwiki.platform:xwiki-platform-rest-server | moderate |
2022-11-21T23:25:00
(22 months ago) |
|
Affected | >= 16.0.0-rc-1, < 16.3.0-rc-1 >= 1.8.0, < 15.10.9 |
CVE-2024-45591
|
MAVEN:GHSA-PVMM-55R5-G3MM | XWiki Platform document history including authors of any page exposed to unauthorized actors | moderate |
2024-09-10T15:53:27
(6 days ago) |
|
Fixed | = 16.3.0-rc-1 = 15.10.9 |
CVE-2024-45591
|
MAVEN:GHSA-PVMM-55R5-G3MM | XWiki Platform document history including authors of any page exposed to unauthorized actors | moderate |
2024-09-10T15:53:27
(6 days ago) |