Vulnerabilities > Xwiki > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-28 | CVE-2022-24898 | XXE vulnerability in Xwiki Commons org.xwiki.commons:xwiki-commons-xml is a common module used by other XWiki top level projects. | 4.9 |
| 2022-04-08 | CVE-2022-24819 | Unspecified vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 5.3 |
| 2022-04-08 | CVE-2022-24820 | Missing Authentication for Critical Function vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 5.3 |
| 2022-02-09 | CVE-2022-23620 | Improper Encoding or Escaping of Output vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 5.4 |
| 2022-02-09 | CVE-2022-23621 | Missing Authorization vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 4.9 |
| 2022-02-09 | CVE-2022-23622 | Unspecified vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 6.1 |
| 2022-02-09 | CVE-2022-23615 | Incorrect Authorization vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 5.4 |
| 2022-02-09 | CVE-2022-23617 | Unspecified vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 6.5 |
| 2022-02-09 | CVE-2022-23618 | Unspecified vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 6.1 |
| 2022-02-04 | CVE-2021-32732 | Cross-Site Request Forgery (CSRF) vulnerability in Xwiki ### Impact It's possible to know if a user has or not an account in a wiki related to an email address, and which username(s) is actually tied to that email by forging a request to the Forgot username page. | 6.5 |