XWiki up to 12.6.87/12.10.3 Script Service protection mechanism

A vulnerability has been found in XWiki up to 12.6.87/12.10.3 (Content Management System) and classified as problematic. This vulnerability affects an unknown function of the component Script Service. Upgrading to version 12.6.88, 12.10.4 or 13.0 eliminates this vulnerability.

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2024-5296 : D-LINK D-VIEW 2.0.1.28 TOKENUTILS HARD-CODED KEY

CVE-2024-5296 : D-LINK D-VIEW 2.0.1.28 TOKENUTILS HARD-CODED KEY

Description D-Link D-View Use of Hard-coded Cryptographic Key Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on

CVE-2024-5201 : OPENTEXT DIMENSIONS RM UP TO 12.11.1.2/12.11.2.5 HTTP REQUEST PRIVILEGE ESCALATION

CVE-2024-5201 : OPENTEXT DIMENSIONS RM UP TO 12.11.1.2/12.11.2.5 HTTP REQUEST PRIVILEGE ESCALATION

Description Privilege Escalation in OpenText Dimensions RM allows an authenticated user to escalate there privilege to the privilege of another

CVE-2024-4267 : PARISNEO LOLLMS-WEBUI UP TO 9.5 OPEN_FILE COMMAND INJECTION

CVE-2024-4267 : PARISNEO LOLLMS-WEBUI UP TO 9.5 OPEN_FILE COMMAND INJECTION

Description A remote code execution (RCE) vulnerability exists in the parisneo/lollms-webui, specifically within the ‘open_file’ module, version 9.5. The vulnerability