Vulnerabilities > Xwiki

DATE CVE VULNERABILITY TITLE RISK
2021-07-01 CVE-2021-32731 Exposure of Resource to Wrong Sphere vulnerability in Xwiki 13.1
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it.
network
low complexity
xwiki CWE-668
5.0
2021-07-01 CVE-2021-32730 Cross-Site Request Forgery (CSRF) vulnerability in Xwiki
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it.
network
xwiki CWE-352
4.3
2021-07-01 CVE-2021-32729 Improper Authentication vulnerability in Xwiki
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it.
network
low complexity
xwiki CWE-287
5.5
2021-05-28 CVE-2021-32621 Code Injection vulnerability in Xwiki
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it.
network
low complexity
xwiki CWE-94
6.5
2021-05-28 CVE-2021-32620 Improper Authorization vulnerability in Xwiki
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it.
network
low complexity
xwiki CWE-285
4.0
2021-04-20 CVE-2021-29459 Cross-site Scripting vulnerability in Xwiki
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it.
network
xwiki CWE-79
4.3
2021-03-23 CVE-2021-21380 SQL Injection vulnerability in Xwiki
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it.
network
low complexity
xwiki CWE-89
6.5
2021-03-12 CVE-2021-21379 Improper Preservation of Permissions vulnerability in Xwiki
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it.
network
xwiki CWE-281
3.5
2021-01-20 CVE-2021-3137 Cross-site Scripting vulnerability in Xwiki 12.10.2
XWiki 12.10.2 allows XSS via an SVG document to the upload feature of the comment section.
network
xwiki CWE-79
3.5
2020-12-31 CVE-2020-13654 Improper Encoding or Escaping of Output vulnerability in Xwiki
XWiki Platform before 12.8 mishandles escaping in the property displayer.
network
low complexity
xwiki CWE-116
5.0