foswiki

Top products

The 8 most recently published vulnerabilities affecting foswiki.

• CVE-2026-2861Foswiki Changes/Viewfile/Oops information disclosure5.3Feb 21, 2026
• CVE-2023-33756An issue in the SpreadSheetPlugin component of Foswiki v2.1.7 and below allows attackers to execute a directory traversal.7.5Aug 8, 2023
• CVE-2023-24698Insufficient parameter validation in the Foswiki::Sandbox component of Foswiki v2.1.7 and below allows attackers to perform a directory traversal via supplying a crafted web request.7.5Aug 8, 2023
• CVE-2013-1666Foswiki before 1.1.8 contains a code injection vulnerability in the MAKETEXT macro.9.8Nov 1, 2019
• CVE-2012-6330The localization functionality in TWiki before 5.1.3, and Foswiki 1.0.x through 1.0.10 and 1.1.x through 1.1.6, allows remote attackers to cause a denial of service (memory consumption) via a large...5.0Jan 4, 2013
• CVE-2012-1004Multiple cross-site scripting (XSS) vulnerabilities in UI/Register.pm in Foswiki before 1.1.5 allow remote authenticated users with CHANGE privileges to inject arbitrary web script or HTML via the ...2.1Feb 8, 2012
• CVE-2010-4215UI/Manage.pm in Foswiki 1.1.0 and 1.1.1 allows remote authenticated users to gain privileges by modifying the GROUP and ALLOWTOPICCHANGE preferences in the topic preferences for Main.AdminGroup.6.5Nov 16, 2010
• CVE-2009-1434Cross-site request forgery (CSRF) vulnerability in Foswiki before 1.0.5 allows remote attackers to hijack the authentication of arbitrary users for requests that modify pages, change permissions, o...6.8Apr 30, 2009