Vulnerabilities > Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-14 | CVE-2023-37462 | Eval Injection vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 8.8 |
| 2023-04-16 | CVE-2023-29511 | Eval Injection vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 8.8 |
| 2022-11-23 | CVE-2022-41931 | Eval Injection vulnerability in Xwiki xwiki-platform-icon-ui is vulnerable to Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection'). | 8.8 |
| 2022-11-23 | CVE-2022-41928 | Eval Injection vulnerability in Xwiki XWiki Platform vulnerable to Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') in AttachmentSelector.xml. | 8.8 |
| 2021-07-14 | CVE-2021-33678 | Eval Injection vulnerability in SAP Netweaver Application Server Abap A function module of SAP NetWeaver AS ABAP (Reconciliation Framework), versions - 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 75A, 75B, 75B, 75C, 75D, 75E, 75F, allows a high privileged attacker to inject code that can be executed by the application. | 6.5 |