Browse all 18 CVE security advisories affecting xwikisas. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Xwikisas is an enterprise collaboration platform used for wiki, application development, and document management. Historically, it has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting attacks, and privilege escalation flaws, with 18 CVEs documented. The platform's Java-based architecture and extensive plugin ecosystem have introduced security challenges, particularly in input validation and access control. While no major public security incidents have been widely reported, the consistent pattern of vulnerabilities suggests a need for rigorous patch management and security hardening. Its open-source nature allows for community-driven security improvements, though organizations should remain vigilant about emerging threats.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-52298 | macro-pdfviewer's preview in WYSIWYG editor allows accessing any PDF document as the last author — macro-pdfviewer, CWE-615 | 7.5 | High | 2024-11-13 |
| CVE-2024-52299 | The PDF viewer macro allows accessing any attachment without access right checks — macro-pdfviewer, CWE-340 | 7.5 | High | 2024-11-13 |
| CVE-2024-52300 | macro-pdfviewer has a XSS through the width parameter — macro-pdfviewer, CWE-80 | 9.1 | Critical | 2024-11-13 |
| CVE-2024-30263 | The PDF Viewer macro can be used to view PDF attachments with restricted access — macro-pdfviewer, CWE-200 | 7.7 | High | 2024-04-04 |

This page lists every published CVE security advisory associated with xwikisas. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.