CVE-2024-55663 | xwiki-platform up to 13.10.4/14.2 request.sort request escape output (GHSA-wh34-m772-5398)

Posted by Angelo Barbosa | Dec 12, 2024 | CVE

A vulnerability has been found in xwiki-platform up to 13.10.4/14.2 and classified as problematic. This vulnerability affects the function request.sort. The manipulation of the argument request leads to escaping of output.

This vulnerability was named CVE-2024-55663. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-55663 | xwiki-platform up to 13.10.4/14.2 request.sort request escape output (GHSA-wh34-m772-5398)

Related Posts

CVE-2024-33538 | Fastline Media Assistant Plugin up to 1.4.9.1 on WordPress information disclosure

CVE-2024-38456 | Vivavis High-Leit up to 4.25.01.01/5.08.01.03 HL-InstallService-hlxw/HL-InstallService-hlnt Local Privilege Escalation

CVE-2024-31483 | Aruba InstantOS/ArubaOS PAPI Protocol information disclosure (ARUBA-PSA-2024-006)

CVE-2024-27376 | Samsung Exynos 1330 slsi_nan_subscribe_get_nl_params heap-based overflow