Vulnerabilities > Xwiki > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-02-09 CVE-2022-23615 Incorrect Authorization vulnerability in Xwiki
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it.
network
low complexity
xwiki CWE-863
5.5
5.5
2022-02-09 CVE-2022-23616 Injection vulnerability in Xwiki
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it.
network
low complexity
xwiki CWE-74
6.5
6.5
2022-02-09 CVE-2022-23617 Missing Authorization vulnerability in Xwiki
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it.
network
low complexity
xwiki CWE-862
4.0
4.0
2022-02-09 CVE-2022-23618 Open Redirect vulnerability in Xwiki
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it.
network
xwiki CWE-601
5.8
5.8
2022-02-09 CVE-2022-23619 Weak Password Recovery Mechanism for Forgotten Password vulnerability in Xwiki
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it.
network
low complexity
xwiki CWE-640
5.0
5.0
2022-02-04 CVE-2021-32732 Cross-Site Request Forgery (CSRF) vulnerability in Xwiki
### Impact It's possible to know if a user has or not an account in a wiki related to an email address, and which username(s) is actually tied to that email by forging a request to the Forgot username page.
network
xwiki CWE-352
4.3
4.3
2021-07-01 CVE-2021-32731 Information Exposure vulnerability in Xwiki 13.1
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it.
network
low complexity
xwiki CWE-200
5.3
5.3
2021-07-01 CVE-2021-32730 Cross-Site Request Forgery (CSRF) vulnerability in Xwiki
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it.
network
xwiki CWE-352
4.3
4.3
2021-07-01 CVE-2021-32729 Incorrect Permission Assignment for Critical Resource vulnerability in Xwiki
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it.
network
low complexity
xwiki CWE-732
5.5
5.5
2021-05-28 CVE-2021-32620 Incorrect Authorization vulnerability in Xwiki
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it.
network
low complexity
xwiki CWE-863
4.0
4.0