pkg:Maven/org.xwiki.commons:xwiki-commons-xml

All known vulnerabilities

• CRITICAL9.9CVE-2023-26055XWiki Platform may allow privilege escalation to programming rights via user's first name
  >= 3.1-milestone-1, < 13.10.9
• CRITICAL9.0CVE-2023-36471org.xwiki.commons:xwiki-commons-xml's HTML sanitizer allows form elements in restricted
  >= 14.6-rc-1, < 14.10.6
• CRITICAL9.0CVE-2023-31126Improper Neutralization of Invalid Characters in Data Attribute Names in org.xwiki.commons:xwiki-commons-xml
  >= 14.6-rc-1, < 14.10.4
• CRITICAL9.0Cross-site Scripting in org.xwiki.commons:xwiki-commons-xml
  >= 4.2-milestone-1, < 14.10
• CRITICAL9.0org.xwiki.commons:xwiki-commons-xml Cross-site Scripting vulnerability
  >= 4.2-milestone-1, < 14.6-rc-1
• MEDIUM4.9Arbitrary file access through XML parsing in org.xwiki.commons:xwiki-commons-xml
  >= 2.7, < 12.10.10