Vulnerabilities > Xwiki > Xwiki > 14.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-02 | CVE-2023-26477 | Code Injection vulnerability in Xwiki XWiki Platform is a generic wiki platform. | 9.8 |
| 2023-03-02 | CVE-2023-26479 | Improper Handling of Exceptional Conditions vulnerability in Xwiki XWiki Platform is a generic wiki platform. | 6.5 |
| 2023-03-02 | CVE-2023-26480 | Cross-site Scripting vulnerability in Xwiki XWiki Platform is a generic wiki platform. | 5.4 |
| 2022-11-23 | CVE-2022-41932 | Allocation of Resources Without Limits or Throttling vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 5.3 |
| 2022-11-23 | CVE-2022-41933 | Insufficiently Protected Credentials vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 6.5 |
| 2022-11-23 | CVE-2022-41931 | Eval Injection vulnerability in Xwiki xwiki-platform-icon-ui is vulnerable to Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection'). | 8.8 |
| 2022-11-23 | CVE-2022-41934 | Improper Encoding or Escaping of Output vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 8.8 |
| 2022-11-23 | CVE-2022-41935 | Unspecified vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 4.3 |
| 2022-11-23 | CVE-2022-41928 | Eval Injection vulnerability in Xwiki XWiki Platform vulnerable to Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') in AttachmentSelector.xml. | 8.8 |
| 2022-11-23 | CVE-2022-41930 | Missing Authorization vulnerability in Xwiki org.xwiki.platform:xwiki-platform-user-profile-ui is missing authorization to enable or disable users. | 8.2 |