Vulnerabilities > Xwiki > Xwiki > 2.5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-24 | CVE-2023-40572 | Cross-Site Request Forgery (CSRF) vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 8.0 |
| 2023-08-24 | CVE-2023-40573 | Unspecified vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 8.8 |
| 2023-08-17 | CVE-2023-37914 | Code Injection vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 8.8 |
| 2023-07-10 | CVE-2023-37277 | Cross-Site Request Forgery (CSRF) vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 9.6 |
| 2023-06-23 | CVE-2023-35160 | Cross-site Scripting vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 6.1 |
| 2023-03-02 | CVE-2023-26470 | Out-of-bounds Write vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 7.5 |
| 2022-09-08 | CVE-2022-36091 | Missing Authorization vulnerability in Xwiki XWiki Platform Web Templates are templates for XWiki Platform, a generic wiki platform. | 7.5 |
| 2022-05-06 | CVE-2022-29161 | Inadequate Encryption Strength vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 9.8 |
| 2022-02-09 | CVE-2022-23621 | Missing Authorization vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 4.9 |
| 2020-12-31 | CVE-2020-13654 | Improper Encoding or Escaping of Output vulnerability in Xwiki XWiki Platform before 12.8 mishandles escaping in the property displayer. | 7.5 |