CKEditor support status and future
|
|
3
|
44
|
March 28, 2025
|
New channel for security fixes announcements in XWiki
|
|
8
|
145
|
January 31, 2025
|
Drop Security type in Jira
|
|
6
|
139
|
December 10, 2024
|
Introduce a new space which access is reserved to admins by default
|
|
7
|
193
|
November 5, 2024
|
XWiki Instance hacked
|
|
8
|
377
|
August 2, 2024
|
Update the default reset password link timeout to a longer value
|
|
10
|
1463
|
March 25, 2024
|
Add friction in some UI for better security
|
|
5
|
453
|
February 14, 2024
|
Even remote code executions of type "Bug" instead of type "Security" on jira.xwiki.org
|
|
1
|
334
|
January 12, 2024
|
Security Policy Process Amendment
|
|
4
|
343
|
December 8, 2023
|
Access request to security group in Jira.xwiki.org
|
|
2
|
305
|
December 4, 2023
|
Jira tickets for security issues
|
|
4
|
1095
|
October 10, 2023
|
Security warnings when using the latest XWiki version
|
|
9
|
1006
|
September 26, 2023
|
Security Policy Amendment to analyze vulnerabilities in dependencies
|
|
2
|
378
|
July 20, 2023
|
Formalize CVSS "Privileges Required" level for XWiki advisories
|
|
6
|
675
|
May 16, 2023
|
CVSS computation best practice for XSS
|
|
4
|
795
|
May 16, 2023
|
Disclosing old fixed security issues
|
|
14
|
725
|
December 2, 2022
|
Security advisory template documented in Security policy
|
|
0
|
443
|
November 22, 2022
|
Security Policy Amendment: systematic vote for extending CVE embargo
|
|
5
|
446
|
November 4, 2022
|
Reminder about the importance of upgrading your XWiki instances
|
|
0
|
406
|
September 7, 2022
|
Add a .well-known/security.txt file in xwiki.org
|
|
6
|
1421
|
April 28, 2022
|
OpenID Connect Authenticator 1.29.1 released with important security fix
|
|
1
|
534
|
January 27, 2022
|
Log4J CVE-2021-44228 "Log4Shell" Zero-Day Vulnerability
|
|
1
|
3084
|
December 13, 2021
|
LTS updates with security issues
|
|
4
|
822
|
July 30, 2021
|
Security issues disclosure for current cycle
|
|
2
|
433
|
June 30, 2021
|
SonarCloud Review
|
|
3
|
2283
|
May 28, 2021
|
Get rid of @Programming annnotation
|
|
5
|
439
|
January 25, 2021
|
[CRITICAL] Authenticated server side code execution without programming rights on User Dashboards
|
|
0
|
416
|
May 16, 2020
|