Vulnerabilities > Xwiki > Xwiki > 12.10.7

DATE CVE VULNERABILITY TITLE RISK
2022-02-09 CVE-2022-23620 Improper Encoding or Escaping of Output vulnerability in Xwiki
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it.
network
low complexity
xwiki CWE-116
5.4
5.4
2022-02-09 CVE-2022-23621 Missing Authorization vulnerability in Xwiki
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it.
network
low complexity
xwiki CWE-862
4.9
4.9
2022-02-09 CVE-2022-23622 Cross-site Scripting vulnerability in Xwiki
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it.
network
xwiki CWE-79
4.3
4.3
2022-02-09 CVE-2022-23615 Incorrect Authorization vulnerability in Xwiki
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it.
network
low complexity
xwiki CWE-863
5.5
5.5
2022-02-09 CVE-2022-23616 Injection vulnerability in Xwiki
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it.
network
low complexity
xwiki CWE-74
6.5
6.5
2022-02-09 CVE-2022-23619 Weak Password Recovery Mechanism for Forgotten Password vulnerability in Xwiki
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it.
network
low complexity
xwiki CWE-640
5.0
5.0
2021-05-28 CVE-2021-32620 Incorrect Authorization vulnerability in Xwiki
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it.
network
low complexity
xwiki CWE-863
4.0
4.0