Vulnerabilities > Xwiki > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-15 | CVE-2023-29206 | Cross-site Scripting vulnerability in Xwiki XWiki Commons are technical libraries common to several other top level XWiki projects. | 5.4 |
| 2023-03-02 | CVE-2023-26056 | Incorrect Authorization vulnerability in Xwiki XWiki Platform is a generic wiki platform. | 5.4 |
| 2023-03-02 | CVE-2023-26473 | Unspecified vulnerability in Xwiki XWiki Platform is a generic wiki platform. | 6.5 |
| 2023-03-02 | CVE-2023-26479 | Improper Handling of Exceptional Conditions vulnerability in Xwiki XWiki Platform is a generic wiki platform. | 6.5 |
| 2023-03-02 | CVE-2023-26480 | Cross-site Scripting vulnerability in Xwiki XWiki Platform is a generic wiki platform. | 5.4 |
| 2022-11-23 | CVE-2022-41932 | Allocation of Resources Without Limits or Throttling vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 5.3 |
| 2022-11-23 | CVE-2022-41933 | Insufficiently Protected Credentials vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 6.5 |
| 2022-11-23 | CVE-2022-41935 | Unspecified vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 4.3 |
| 2022-11-23 | CVE-2022-41929 | Missing Authorization vulnerability in Xwiki org.xwiki.platform:xwiki-platform-oldcore is missing authorization in User#setDisabledStatus, which may allow an incorrectly authorized user with only Script rights to enable or disable a user. | 4.9 |
| 2022-05-31 | CVE-2022-29258 | Cross-site Scripting vulnerability in Xwiki XWiki Platform Filter UI provides a generic user interface to convert from a XWiki Filter input stream to an output stream with settings for each stream. | 4.3 |