Vulnerabilities > Xwiki > High

DATE CVE VULNERABILITY TITLE RISK
2023-01-04 CVE-2023-22457 Unspecified vulnerability in Xwiki Ckeditor Integration
CKEditor Integration UI adds support for editing wiki pages using CKEditor.
network
low complexity
xwiki
8.8
8.8
2022-11-23 CVE-2022-41931 Unspecified vulnerability in Xwiki
xwiki-platform-icon-ui is vulnerable to Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection').
network
low complexity
xwiki
8.8
8.8
2022-11-23 CVE-2022-41934 Improper Encoding or Escaping of Output vulnerability in Xwiki
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it.
network
low complexity
xwiki CWE-116
8.8
8.8
2022-11-23 CVE-2022-41927 Unspecified vulnerability in Xwiki
XWiki Platform is vulnerable to Cross-Site Request Forgery (CSRF) that may allow attackers to delete or rename tags without needing any confirmation.
network
low complexity
xwiki
7.4
7.4
2022-11-23 CVE-2022-41928 Unspecified vulnerability in Xwiki
XWiki Platform vulnerable to Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') in AttachmentSelector.xml.
network
low complexity
xwiki
8.8
8.8
2022-11-23 CVE-2022-41930 Unspecified vulnerability in Xwiki
org.xwiki.platform:xwiki-platform-user-profile-ui is missing authorization to enable or disable users.
network
low complexity
xwiki
8.2
8.2
2022-11-22 CVE-2022-41936 Unspecified vulnerability in Xwiki
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it.
network
low complexity
xwiki
7.5
7.5
2022-11-22 CVE-2022-41937 Unspecified vulnerability in Xwiki
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it.
network
low complexity
xwiki
8.1
8.1
2022-11-04 CVE-2022-39387 Improper Authentication vulnerability in Xwiki Openid Connect
XWiki OIDC has various tools to manipulate OpenID Connect protocol in XWiki.
network
low complexity
xwiki CWE-287
7.5
7.5
2022-09-08 CVE-2022-36099 Improper Encoding or Escaping of Output vulnerability in Xwiki
XWiki Platform Wiki UI Main Wiki is software for managing subwikis on XWiki Platform, a generic wiki platform.
network
low complexity
xwiki CWE-116
8.8
8.8