Vulnerabilities > Xwiki
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-02 | CVE-2023-26478 | Unspecified vulnerability in Xwiki XWiki Platform is a generic wiki platform. | 8.1 |
| 2023-03-02 | CVE-2023-26479 | Improper Handling of Exceptional Conditions vulnerability in Xwiki XWiki Platform is a generic wiki platform. | 6.5 |
| 2023-03-02 | CVE-2023-26480 | Cross-site Scripting vulnerability in Xwiki XWiki Platform is a generic wiki platform. | 5.4 |
| 2023-01-04 | CVE-2023-22457 | Cross-Site Request Forgery (CSRF) vulnerability in Xwiki Ckeditor Integration CKEditor Integration UI adds support for editing wiki pages using CKEditor. | 8.8 |
| 2022-11-23 | CVE-2022-41932 | Allocation of Resources Without Limits or Throttling vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 5.3 |
| 2022-11-23 | CVE-2022-41933 | Insufficiently Protected Credentials vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 6.5 |
| 2022-11-23 | CVE-2022-41931 | Eval Injection vulnerability in Xwiki xwiki-platform-icon-ui is vulnerable to Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection'). | 8.8 |
| 2022-11-23 | CVE-2022-41934 | Improper Encoding or Escaping of Output vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 8.8 |
| 2022-11-23 | CVE-2022-41935 | Unspecified vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 4.3 |
| 2022-11-23 | CVE-2022-41927 | Cross-Site Request Forgery (CSRF) vulnerability in Xwiki XWiki Platform is vulnerable to Cross-Site Request Forgery (CSRF) that may allow attackers to delete or rename tags without needing any confirmation. | 7.4 |