Vulnerabilities > Xwiki > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-31 | CVE-2024-37900 | Code Injection vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 4.6 |
| 2024-07-31 | CVE-2024-41947 | Cross-site Scripting vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 5.4 |
| 2024-06-24 | CVE-2024-38369 | Incorrect Authorization vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 4.3 |
| 2024-04-10 | CVE-2024-31985 | Cross-Site Request Forgery (CSRF) vulnerability in Xwiki XWiki Platform is a generic wiki platform. | 5.4 |
| 2024-04-10 | CVE-2024-31464 | Use of Password Hash With Insufficient Computational Effort vulnerability in Xwiki XWiki Platform is a generic wiki platform. | 4.9 |
| 2024-02-21 | CVE-2024-26138 | Unspecified vulnerability in Xwiki Application Licensing The XWiki licensor application, which manages and enforce application licenses for paid extensions, includes the document `Licenses.Code.LicenseJSON` that provides information for admins regarding active licenses. | 5.3 |
| 2024-01-09 | CVE-2024-21651 | Unspecified vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 6.5 |
| 2023-12-21 | CVE-2023-50732 | Incorrect Authorization vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 6.3 |
| 2023-12-15 | CVE-2023-50720 | Unspecified vulnerability in Xwiki XWiki Platform is a generic wiki platform. | 5.3 |
| 2023-12-04 | CVE-2023-49280 | Unspecified vulnerability in Xwiki Change Request XWiki Change Request is an XWiki application allowing to request changes on a wiki without publishing directly the changes. | 6.5 |