Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

7 advisories

Loading
Static Code Injection in Microweber High
CVE-2022-0895 was published for microweber/microweber (Composer) Mar 11, 2022
Path Traversal in django-s3file Critical
CVE-2022-24840 was published for django-s3file (pip) Jun 6, 2022
tunecrew syphar
herrbenesch codingjoe
Froxlor contains Static Code Injection Moderate
CVE-2023-0566 was published for froxlor/froxlor (Composer) Jan 30, 2023
XWiki Platform vulnerable to Cross-site Scripting through attachment filename in uploader High
CVE-2024-37900 was published for org.xwiki.platform:xwiki-platform-web-war (Maven) Jul 31, 2024
RoboGR00t
XWiki Platform allows XSS through XClass name in string properties Critical
CVE-2024-43400 was published for org.xwiki.platform:xwiki-platform-oldcore (Maven) Aug 19, 2024
XWiki allows remote code execution from account through macro descriptions and XWiki.XWikiSyntaxMacrosList Critical
CVE-2024-55877 was published for org.xwiki.platform:xwiki-platform-help-ui (Maven) Dec 12, 2024
XWiki allows remote code execution through the extension sheet Critical
CVE-2024-55662 was published for org.xwiki.platform:xwiki-platform-repository-server-ui (Maven) Dec 12, 2024
ProTip! Advisories are also available from the GraphQL API