XWiki security policy is detailed on the following document: https://dev.xwiki.org/xwiki/bin/view/Community/SecurityPolicy/.
Security: xwiki-contrib/application-changerequest
Security
SECURITY.md
-
Data leak of password hash through change requestsGHSA-2fr7-cc7p-p45q published
Dec 4, 2023 by surliHigh -
XSS and remote code execution through change request titleGHSA-f776-w9v2-7vfj published
Oct 12, 2023 by surliCritical
Learn more about advisories related to xwiki-contrib/application-changerequest in the GitHub Advisory Database