Skip to main content

Commons

8 CVEs product

Monthly

CVE-2023-36471 Maven MEDIUM POC PATCH This Month

Xwiki commons is the common modules used by other XWiki top level projects. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

RCE Commons
NVD GitHub
CVSS 3.1
5.4
EPSS
1.0%
CVE-2023-29528 Maven CRITICAL POC PATCH Act Now

XWiki Commons are technical libraries common to several other top level XWiki projects. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

RCE XSS Commons
NVD GitHub
CVSS 3.1
9.0
EPSS
1.3%
CVE-2023-26055 Maven CRITICAL POC PATCH Act Now

XWiki Commons are technical libraries common to several other top level XWiki projects. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Code Injection Commons
NVD GitHub
CVSS 3.1
9.9
EPSS
1.2%
CVE-2022-24898 Maven MEDIUM POC PATCH This Month

org.xwiki.commons:xwiki-commons-xml is a common module used by other XWiki top level projects. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XXE Commons
NVD GitHub
CVSS 3.1
4.9
EPSS
1.4%
CVE-2014-8747 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in the Drupal Commons module 7.x-3.x before 7.x-3.9 for Drupal allows remote attackers to inject arbitrary web script or HTML via vectors related to content. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS Commons
NVD
CVSS 2.0
4.3
EPSS
0.5%
CVE-2013-1908 MEDIUM PATCH This Month

The Commons Wikis module before 7.x-3.1 for Drupal, as used in the Commons module before 7.x-3.1, does not properly restrict access to groups, which allows remote attackers to post arbitrary content. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Commons Commons Wikis
NVD
CVSS 2.0
5.0
EPSS
0.6%
CVE-2013-1907 MEDIUM This Month

The Commons Group module before 7.x-3.1 for Drupal, as used in the Commons module before 7.x-3.1, does not properly restrict access to groups, which allows remote attackers to post arbitrary content. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Commons Commons Group
NVD
CVSS 2.0
5.0
EPSS
0.7%
CVE-2012-4483 MEDIUM PATCH This Month

The commons_discussion_views_default_views function in modules/features/commons_discussion/commons_discussion.views_default.inc in the Drupal Commons module 6.x-2.x before 6.x-2.8 for Drupal does not. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Commons
NVD
CVSS 2.0
5.0
EPSS
0.4%
EPSS 1% CVSS 5.4
MEDIUM POC PATCH This Month

Xwiki commons is the common modules used by other XWiki top level projects. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

RCE Commons
NVD GitHub
EPSS 1% CVSS 9.0
CRITICAL POC PATCH Act Now

XWiki Commons are technical libraries common to several other top level XWiki projects. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

RCE XSS Commons
NVD GitHub
EPSS 1% CVSS 9.9
CRITICAL POC PATCH Act Now

XWiki Commons are technical libraries common to several other top level XWiki projects. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Code Injection Commons
NVD GitHub
EPSS 1% CVSS 4.9
MEDIUM POC PATCH This Month

org.xwiki.commons:xwiki-commons-xml is a common module used by other XWiki top level projects. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XXE Commons
NVD GitHub
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in the Drupal Commons module 7.x-3.x before 7.x-3.9 for Drupal allows remote attackers to inject arbitrary web script or HTML via vectors related to content. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS Commons
NVD
EPSS 1% CVSS 5.0
MEDIUM PATCH This Month

The Commons Wikis module before 7.x-3.1 for Drupal, as used in the Commons module before 7.x-3.1, does not properly restrict access to groups, which allows remote attackers to post arbitrary content. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Commons Commons Wikis
NVD
EPSS 1% CVSS 5.0
MEDIUM This Month

The Commons Group module before 7.x-3.1 for Drupal, as used in the Commons module before 7.x-3.1, does not properly restrict access to groups, which allows remote attackers to post arbitrary content. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Commons Commons Group
NVD
EPSS 0% CVSS 5.0
MEDIUM PATCH This Month

The commons_discussion_views_default_views function in modules/features/commons_discussion/commons_discussion.views_default.inc in the Drupal Commons module 6.x-2.x before 6.x-2.8 for Drupal does not. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Commons
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy