Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:maven/org.xwiki.platform/xwiki-platform-search-ui@2.4-milestone-1
purl pkg:maven/org.xwiki.platform/xwiki-platform-search-ui@2.4-milestone-1
Next non-vulnerable version 14.10.15
Latest non-vulnerable version 15.10.2
Risk
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-j7hm-1eg7-53e2
Aliases:
CVE-2024-31982
GHSA-2858-8cfx-69m9
XWiki Platform: Remote code execution as guest via DatabaseSearch XWiki's database search allows remote code execution through the search text. This allows remote code execution for any visitor of a public wiki or user of a closed wiki as the database search is by default accessible for all users. This impacts the confidentiality, integrity and availability of the whole XWiki installation.
14.10.20
Affected by 0 other vulnerabilities.
15.5.4
Affected by 0 other vulnerabilities.
15.10-rc-1
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-05-31T01:02:43.681199+00:00 GHSA Importer Affected by VCID-j7hm-1eg7-53e2 https://github.com/advisories/GHSA-2858-8cfx-69m9 38.6.0
2026-05-30T21:03:49.734279+00:00 GitLab Importer Affected by VCID-j7hm-1eg7-53e2 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.xwiki.platform/xwiki-platform-search-ui/CVE-2024-31982.yml 38.6.0