Xwikisas Macro-pdfviewer
4 CVEs affecting Xwikisas Macro-pdfviewer. Latest disclosed: 2024-11-13. Critical: 1, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-52300 | Critical | 9.1 | 2024-11-13 | macro-pdfviewer is a PDF Viewer Macro for XWiki using Mozilla pdf.js. The width parameter of the PDF viewer macro isn't properly escaped, allowing XSS for any… |
CVE-2024-30263 | High | 7.7 | 2024-04-04 | macro-pdfviewer is a PDF Viewer Macro for XWiki using Mozilla pdf.js. Users with edit rights can access restricted PDF attachments using the PDF Viewer macro… |
CVE-2024-52298 | High | 7.5 | 2024-11-13 | macro-pdfviewer is a PDF Viewer Macro for XWiki using Mozilla pdf.js. The PDF Viewer macro allows an attacker to view any attachment using the "Delegate my vie… |
CVE-2024-52299 | High | 7.5 | 2024-11-13 | macro-pdfviewer is a PDF Viewer Macro for XWiki using Mozilla pdf.js. Any user with view right on XWiki.PDFViewerService can access any attachment stored in th… |