org.xwiki.platform:xwiki-platform-oldcore vulnerabilities

package manager

View on Maven Repository

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the org.xwiki.platform:xwiki-platform-oldcore package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
M Cross-site Scripting	[,14.10.21) [15.0,15.5.5) [15.6,15.10.6)
C Remote Code Execution (RCE)	[9.2-rc-1,14.10.21) [15.0-rc-1,15.5.5) [15.6-rc-1,15.10.2)
M Missing Authorization	[13.10.4,14.10.21) [15.0.0,15.5.5) [15.6-rc-1,15.10.6)
M Incorrect Privilege Assignment	[13.4.7,13.5) [13.10.3,14.10.21) [15.0-rc-1,15.5.5) [15.6-rc-1,15.10.6) [16.0.0-rc-1,16.0.0)
H Missing Authorization	[6.4-milestone-1,14.10.19) [15.0-rc-1,15.5.4) [15.6-rc-1,15.10-rc-1)
M Information Exposure	[5.0-rc-1,14.10.19) [15.0-rc-1,15.5.4) [15.6-rc-1,15.9-rc-1)
C Missing Authorization	[3.0.1,14.10.20) [15.0-rc-1,15.5.4) [15.6-rc-1,15.10-rc-1)
H Improper Handling of Insufficient Privileges	[,14.10.17) [15.0-rc-1,15.5.3) [15.6-rc-1,15.8-rc-1)
C Code Injection	[,14.10.7) [15.0-rc-1,15.2-rc-1)
C Incorrect Authorization	[,14.10.6) [15.0-rc-1,15.2-rc-1)
M Incorrect Authorization	[9.4-rc-1,14.10.8) [15.0-rc-1,15.3-rc-1)
M Arbitrary Code Execution	[7.2,14.10.10) [15.0-rc-1,15.4-rc-1)
C Information Exposure	[3.2-milestone-3,14.10.9) [15.0-rc-1,15.4-rc-1)
H Cross-site Scripting (XSS)	[3.2-milestone-3,14.10.6) [15.0-rc-0,15.1-rc-1)
C Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')	[3.3-milestone-1,13.10.11) [14.0-rc-1,14.4.8) [14.5,14.10.2)
H Information Exposure	[10.11.1,13.10.11) [14.0-rc-1,14.4.8) [14.5,14.10.3)
C Incorrect Use of Privileged APIs	[14.4.1,14.4.7) [14.5,14.10)
M Open Redirect	[6.0-rc-1,13.10.10) [14.0-rc-1,14.4.4) [14.5,<14.8-rc-1)
H Exposure of Resource to Wrong Sphere	[1.2-milestone-1,13.10.11) [14.0-rc-1,14.4.7) [14.5,14.10)
H Privilege Context Switching Error	[2.3-milestone-1,13.10.11) [14.0-rc-1,14.10)
H Access Control Bypass	[13.10,13.10.11) [14.0-rc-1,14.10)
M Denial of Service (DoS)	[,14.0-rc-1)
H Denial of Service (DoS)	[14.5.0,14.6-rc-1) [14.0.0,14.4.2) [,13.10.8)
M Missing Authorization	[14.0.0,14.4.2) [11.7RC1,13.10.7)
M Information Exposure	[,13.10.4) [14.0-rc-1,14.3-rc-1)
H Improper Authorization	[,13.10.5) [14.0-rc-1,14.3-rc-1)
H Privilege Escalation	[,13.10.4) [14.0-rc-1,14.2)
L Directory Traversal	[,13.10.3)
M Missing Authorization	[,12.10.9) [13.0.0,13.4.3) [13.5.0,13.7-rc-1)
M Open Redirect	[,12.10.7) [13.0,13.3-rc-1)
M Missing Authorization	[,12.10.6) [13.0,13.2-rc-1)
M Authorization Bypass	[,13.0)
M Arbitrary Code Execution	[,12.10.6) [13.0,13.3)
M Improper Authorization	[12.10.0,12.10.2) [12.0,12.6.7) [11.6,11.10.13)
C Cross-site Scripting (XSS)	[12.7,12.8) [,12.6.3)
M Improper Input Validation	[,12.8)
H Remote Code Execution (RCE)	[,11.10.6) [12.0,12.5)
H Deserialization of Untrusted Data	[,11.10.5) [12.0.0,12.2.1)

org.xwiki.platform:xwiki-platform-oldcore vulnerabilities

package manager

Direct Vulnerabilities