CVE-2026-23734 | xwiki xwiki-commons up to 16.10.16/17.4.8/17.10.2/18.0.x Ssx/Jsx path traversal

Inserito da Angelo Barbosa | Mag 20, 2026 | CVE

A vulnerability was found in xwiki xwiki-commons up to 16.10.16/17.4.8/17.10.2/18.0.x. It has been declared as critical. This affects an unknown function of the component Ssx/Jsx. The manipulation results in relative path traversal.

This vulnerability is cataloged as CVE-2026-23734. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2026-23734 | xwiki xwiki-commons up to 16.10.16/17.4.8/17.10.2/18.0.x Ssx/Jsx path traversal

Post correlati

CVE-2024-26902 | Linux Kernel up to 6.6.22/6.7.10 RISCV null pointer dereference (3ede8e94de6b/9f599ba3b9cc/34b567868777)

CVE-2026-4006 | dartiss Draft List Plugin up to 2.6.2 on WordPress Shortcode WP_Post::__get cross site scripting

CVE-2025-15065 | Kings Information & Network KESS Enterprise prior 25.9.19 on Windows Local Privilege Escalation

CVE-2024-50704 | Uniguest Tripleplay up to 24.2.0 HTTP POST Request Remote Code Execution