Vulnerabilities > Xwiki > Xwiki > 1.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-08 | CVE-2022-24820 | Missing Authentication for Critical Function vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 5.3 |
| 2022-02-09 | CVE-2022-23620 | Improper Encoding or Escaping of Output vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 5.4 |
| 2022-02-09 | CVE-2022-23621 | Missing Authorization vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 4.9 |
| 2020-12-31 | CVE-2020-13654 | Improper Encoding or Escaping of Output vulnerability in Xwiki XWiki Platform before 12.8 mishandles escaping in the property displayer. | 7.5 |
| 2010-12-30 | CVE-2010-4642 | Cross-Site Scripting vulnerability in Xwiki Cross-site scripting (XSS) vulnerability in XWiki Enterprise before 2.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2010-12-30 | CVE-2010-4641 | SQL Injection vulnerability in Xwiki SQL injection vulnerability in XWiki Enterprise before 2.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |