Vulnerabilities > Xwiki > Xwiki > 5.2.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-11-23 | CVE-2022-41927 | Cross-Site Request Forgery (CSRF) vulnerability in Xwiki XWiki Platform is vulnerable to Cross-Site Request Forgery (CSRF) that may allow attackers to delete or rename tags without needing any confirmation. | 7.4 |
2022-11-23 | CVE-2022-41928 | Eval Injection vulnerability in Xwiki XWiki Platform vulnerable to Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') in AttachmentSelector.xml. | 8.8 |
2022-11-22 | CVE-2022-41937 | Missing Authorization vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 8.1 |
2022-09-08 | CVE-2022-36100 | Improper Encoding or Escaping of Output vulnerability in Xwiki XWiki Platform Applications Tag and XWiki Platform Tag UI are tag applications for XWiki, a generic wiki platform. | 8.8 |
2022-09-08 | CVE-2022-36091 | Missing Authorization vulnerability in Xwiki XWiki Platform Web Templates are templates for XWiki Platform, a generic wiki platform. | 7.5 |
2022-05-06 | CVE-2022-29161 | Inadequate Encryption Strength vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 9.8 |
2022-05-02 | CVE-2022-24897 | Path Traversal vulnerability in Xwiki APIs to evaluate content with Velocity is a package for APIs to evaluate content with Velocity. | 7.5 |
2022-04-08 | CVE-2022-24819 | Privacy Violation vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 5.0 |
2022-04-08 | CVE-2022-24820 | Missing Authentication for Critical Function vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 5.3 |
2022-02-09 | CVE-2022-23620 | Improper Encoding or Escaping of Output vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 5.4 |