CRITICAL9.9CVE-2022-41934Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') in org.xwiki.platform:xwiki-platform-menu-ui
from 0, < 13.10.8
HIGH8.8CVE-2023-37909Privilege escalation (PR)/remote code execution from account through Menu.UIExtensionSheet