Vulnerabilities > Xwiki > High

DATE CVE VULNERABILITY TITLE RISK
2024-08-19 CVE-2024-43401 Missing Authorization vulnerability in Xwiki
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it.
network
low complexity
xwiki CWE-862
8.0
8.0
2024-08-12 CVE-2024-42489 Injection vulnerability in Xwiki PRO Macros
Pro Macros provides XWiki rendering macros.
network
low complexity
xwiki CWE-74
8.8
8.8
2024-07-31 CVE-2024-37901 Code Injection vulnerability in Xwiki
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it.
network
low complexity
xwiki CWE-94
8.8
8.8
2024-01-09 CVE-2024-21648 Improper Handling of Insufficient Privileges vulnerability in Xwiki
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it.
network
low complexity
xwiki CWE-274
8.8
8.8
2023-12-15 CVE-2023-50719 Cleartext Storage of Sensitive Information vulnerability in Xwiki
XWiki Platform is a generic wiki platform.
network
low complexity
xwiki CWE-312
7.5
7.5
2023-12-15 CVE-2023-50721 Code Injection vulnerability in Xwiki
XWiki Platform is a generic wiki platform.
network
low complexity
xwiki CWE-94
8.8
8.8
2023-12-15 CVE-2023-50722 Cross-site Scripting vulnerability in Xwiki
XWiki Platform is a generic wiki platform.
network
low complexity
xwiki CWE-79
8.8
8.8
2023-12-15 CVE-2023-50723 Code Injection vulnerability in Xwiki
XWiki Platform is a generic wiki platform.
network
low complexity
xwiki CWE-94
8.8
8.8
2023-11-20 CVE-2023-48293 Cross-Site Request Forgery (CSRF) vulnerability in Xwiki
The XWiki Admin Tools Application provides tools to help the administration of XWiki.
network
low complexity
xwiki CWE-352
8.8
8.8
2023-11-20 CVE-2023-48240 Server-Side Request Forgery (SSRF) vulnerability in Xwiki
XWiki Platform is a generic wiki platform.
network
low complexity
xwiki CWE-918
8.8
8.8