CVE-2024-23673: Apache Sling Servlets Resolver: Malicious code execution via path traversal

2024-02-06 Thread Carsten Ziegeler
Affected versions: - Apache Sling Servlets Resolver before 2.11.0 Description: Malicious code execution via path traversal in Apache Software Foundation Apache Sling Servlets Resolver. This issue affects all versions of Apache Sling Servlets Resolver before 2.11.0. However, whether a system is

CVE-2023-38435: Apache Felix Healthcheck Webconsole Plugin: XSS in healthcheck webconsole plugin

2023-07-25 Thread Carsten Ziegeler
Severity: moderate Affected versions: - Apache Felix Healthcheck Webconsole Plugin through 2.0.2 Description: An improper neutralization of input during web page generation ('Cross-site Scripting') [CWE-79] vulnerability in Apache Felix Healthcheck Webconsole Plugin version 2.0.2 and prior

CVE-2023-25621: Apache Sling does not allow to handle i18n content in a secure way

2023-02-23 Thread Carsten Ziegeler
Severity: important Description: Privilege Escalation vulnerability in Apache Software Foundation Apache Sling. Any content author is able to create i18n dictionaries in the repository in a location the author has write access to. As these translations are used across the whole product, it

[ANN] Apache Cocoon 2.1.11 Released

2008-01-10 Thread Carsten Ziegeler
/2.1/changes.html. The Apache Cocoon Project -- Carsten Ziegeler [EMAIL PROTECTED] For more information about Apache Cocoon 2.1.11, please go to http://cocoon.apache.org Changes with Apache Cocoon 2.1.11 *) Created XPathXMLFileModule to address issues with XMLFileModule. XPathXMLFileModule