Vulnerabilities > Xwiki > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-08 | CVE-2024-21650 | Code Injection vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 9.8 |
| 2023-11-06 | CVE-2023-46731 | Code Injection vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 9.8 |
| 2023-10-25 | CVE-2023-45134 | Cross-site Scripting vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 9.0 |
| 2023-10-25 | CVE-2023-45136 | Cross-site Scripting vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 9.6 |
| 2023-10-25 | CVE-2023-37908 | Cross-site Scripting vulnerability in Xwiki Xwiki-Rendering XWiki Rendering is a generic Rendering system that converts textual input in a given syntax into another syntax. | 9.6 |
| 2023-10-16 | CVE-2023-45144 | Cross-site Scripting vulnerability in Xwiki Oauth Identity com.xwiki.identity-oauth:identity-oauth-ui is a package to aid in building identity and service providers based on OAuth authorizations. | 9.6 |
| 2023-10-12 | CVE-2023-45138 | Cross-site Scripting vulnerability in Xwiki Change Request Change Request is an pplication allowing users to request changes on a wiki without publishing the changes directly. | 9.6 |
| 2023-07-10 | CVE-2023-37277 | Cross-Site Request Forgery (CSRF) vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 9.6 |
| 2023-05-09 | CVE-2023-32071 | Cross-site Scripting vulnerability in Xwiki XWiki Platform is a generic wiki platform. | 9.0 |
| 2023-05-09 | CVE-2023-31126 | Cross-site Scripting vulnerability in Xwiki 14.6/14.9 `org.xwiki.commons:xwiki-commons-xml` is an XML library used by the open-source wiki platform XWiki. | 9.6 |