CVE-2024-55662 | xwiki-platform up to 15.10.8/16.2.x neutralization of directives (GHSA-j2pq-22jj-4pm5)

Posted by Angelo Barbosa | Dec 12, 2024 | CVE

A vulnerability, which was classified as critical, has been found in xwiki-platform up to 15.10.8/16.2.x. Affected by this issue is some unknown functionality. The manipulation leads to improper neutralization of directives in statically saved code (‘static code injection’).

This vulnerability is handled as CVE-2024-55662. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-55662 | xwiki-platform up to 15.10.8/16.2.x neutralization of directives (GHSA-j2pq-22jj-4pm5)

Related Posts

CVE-2024-39125 | Roundup up to 2.3.x HTTP Referer Header cross site scripting

CVE-2024-40492 | Heartbeat Chat 15.2.1 setname cross site scripting

CVE-2024-30289 | Adobe Framemaker up to 2020.5/2022.3 stack-based overflow (apsb24-37)

CVE-2024-42389 | Cesanta Mongoose Web Server up to 7.14 TLS Packet out-of-range pointer offset