Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

WS-2013-0248

Date: June 17, 2013

Overview

In xwiki-platform versions xwiki-platform-5.0 through xwiki-platform-5.1 are vulnerable to XSS

Details

In xwiki-platform versions xwiki-platform-5.0 through xwiki-platform-5.1 are vulnerable to XSS when displaying unsanitized space name

Affected Environments

Xwiki-platform-5.0 through xwiki-platform-5.1

Prevention

Upgrade to xwiki-platform-5.2

Language: Java

Good to know:

icon

Cross-Site Scripting (XSS)

CWE-79
icon

Upgrade Version

Upgrade to version xwiki-platform-5.2

Learn More

Base Score:
Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): Required
Scope (S): Changed
Confidentiality (C): Low
Integrity (I): Low
Availability (A): None

Related Resources (2)

https://github.com/xwiki/xwiki-platform/commit/88263bd624e64765ed98428abca6c00f93b81399#diff-dc7bd43a06ae45bb93e38515eff46ba1247ba229d5c0d8197d49b283c71bd645R1570
https://www.mend.io/vulnerability-database/WS-2013-0248