Vulnerabilities > Xwiki > Xwiki > 5.0.2

DATE CVE VULNERABILITY TITLE RISK
2022-11-23 CVE-2022-41928 Eval Injection vulnerability in Xwiki
XWiki Platform vulnerable to Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') in AttachmentSelector.xml.
network
low complexity
xwiki CWE-95
8.8
8.8
2022-11-22 CVE-2022-41937 Missing Authorization vulnerability in Xwiki
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it.
network
low complexity
xwiki CWE-862
8.1
8.1
2022-09-08 CVE-2022-36100 Improper Encoding or Escaping of Output vulnerability in Xwiki
XWiki Platform Applications Tag and XWiki Platform Tag UI are tag applications for XWiki, a generic wiki platform.
network
low complexity
xwiki CWE-116
8.8
8.8
2022-09-08 CVE-2022-36091 Missing Authorization vulnerability in Xwiki
XWiki Platform Web Templates are templates for XWiki Platform, a generic wiki platform.
network
low complexity
xwiki CWE-862
7.5
7.5
2022-05-06 CVE-2022-29161 Inadequate Encryption Strength vulnerability in Xwiki
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it.
network
low complexity
xwiki CWE-326
critical
 9.8
9.8
2022-05-02 CVE-2022-24897 Path Traversal vulnerability in Xwiki
APIs to evaluate content with Velocity is a package for APIs to evaluate content with Velocity.
network
high complexity
xwiki CWE-22
7.5
7.5
2022-04-08 CVE-2022-24819 Privacy Violation vulnerability in Xwiki
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it.
network
low complexity
xwiki CWE-359
5.0
5.0
2022-04-08 CVE-2022-24820 Missing Authentication for Critical Function vulnerability in Xwiki
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it.
network
low complexity
xwiki CWE-306
5.3
5.3
2022-02-09 CVE-2022-23620 Improper Encoding or Escaping of Output vulnerability in Xwiki
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it.
network
low complexity
xwiki CWE-116
5.4
5.4
2022-02-09 CVE-2022-23621 Missing Authorization vulnerability in Xwiki
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it.
network
low complexity
xwiki CWE-862
4.9
4.9