Vulnerability Database

Published: Jan 20, 2021
Updated: May 9, 2024
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2021-3137" target="_blank" rel="noopener"> CVE-2021-3137
GHSA: <a href="https://github.com/advisories/GHSA-43hg-g44q-474q" target="_blank" rel="noopener"> GHSA-43hg-g44q-474q
Severity: Medium
Exploit:

296,772

Total vulnerabilities in the database

XWiki 12.10.2 allows XSS via an SVG document to the upload feature of the comment section.

CVSS v3:

CVSS v2:

CWEs:

OWASP TOP 10:

Software	From	Fixed in
xwiki / xwiki	12.10.2	12.10.2.x
org.xwiki.commons / xwiki-commons	-	12.10.3

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.