Security: YesWiki/yeswiki
Security Advisories
View known security vulnerabilities and report new vulnerabilities privately to maintainers.
-
Authenticated (Admin) Server-Side Template Injection to Remote Code Execution via Bazar Semantic TemplatesGHSA-65p8-9433-jpcp published
Jun 2, 2026 by mrflosHigh -
SQL injection via the `recentchanges` action `period` argument leading to arbitrary DB readGHSA-89v6-j5x6-cmj3 published
Jun 2, 2026 by mrflosModerate -
Unauthenticated arbitrary page deletion via `{{erasespamedcomments}}` actionGHSA-6x7x-gcmf-7r8x published
Jun 2, 2026 by mrflosCritical -
Unauthenticated ActivityPub Signature-Verification Bypass via `!openssl_verify(...)` accepting `int(-1)`GHSA-mv28-wj57-f57g published
Jun 2, 2026 by mrflosHigh -
Unauthenticated Server-Side Request Forgery via ActivityPub `Signature.keyId`GHSA-vw42-752g-5mrp published
Jun 2, 2026 by mrflosHigh -
Second-Order SQL Injection in Page Delete API via Unescaped Page Tag (`ApiController::deletePage`)GHSA-8f2v-2qhj-gfwg published
Jun 2, 2026 by mrflosHigh -
Bazar form-field templates still apply `|raw('html')` to `field.label` / `field.hint` in attribute and label-body contexts — stored XSS in form renders (sibling class of commit `e6b66aa`)GHSA-xc7j-3g8q-9vh4 published
Jun 2, 2026 by mrflosModerate -
Reflected XSS via Unescaped Archived-Revision `time` Parameter in `handlers/page/show.php` in YesWikiGHSA-35f3-pg38-486f published
Jun 2, 2026 by mrflosModerate -
Reflected XSS via Unescaped `id` Parameter in Bazar Widget HTML Attributes in YesWikiGHSA-r5xw-gcgw-hwp5 published
Jun 2, 2026 by mrflosModerate -
YesWiki <= 4.6.x: Authenticated SQL Injection in ReactionManagerGHSA-4pf7-cc4r-g63h published
Jun 2, 2026 by mrflosHigh