CVE-2024-55663 | xwiki-platform up to 13.10.4/14.2 request.sort request escape output (GHSA-wh34-m772-5398)

Posted by Angelo Barbosa | Dec 12, 2024 | CVE

A vulnerability has been found in xwiki-platform up to 13.10.4/14.2 and classified as problematic. This vulnerability affects the function request.sort. The manipulation of the argument request leads to escaping of output.

This vulnerability was named CVE-2024-55663. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-55663 | xwiki-platform up to 13.10.4/14.2 request.sort request escape output (GHSA-wh34-m772-5398)

Related Posts

CVE-2024-8738 | Seriously Simple Stats Plugin up to 1.6.0 on WordPress cross site scripting

CVE-2024-6443 | zephyrproject-rtos Zephyr up to 3.6 zephyr/lib/utils/utf8.c utf8_trunc last_byte_p out-of-bounds (GHSA-gg46-3rh2-v765)

CVE-2024-37317 | Nextcloud Notes App up to 4.9.2 Personal Note Notes/ access control

CVE-2024-2973 | Juniper Networks Session Smart Router authentication bypass (JSA83126)