Vulnerabilities > Xwiki > Xwiki > 5.4.7
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-02 | CVE-2022-24897 | Path Traversal vulnerability in Xwiki APIs to evaluate content with Velocity is a package for APIs to evaluate content with Velocity. | 7.5 |
| 2022-04-08 | CVE-2022-24819 | Privacy Violation vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 5.0 |
| 2022-04-08 | CVE-2022-24820 | Missing Authentication for Critical Function vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 5.3 |
| 2022-02-09 | CVE-2022-23620 | Improper Encoding or Escaping of Output vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 5.4 |
| 2022-02-09 | CVE-2022-23621 | Missing Authorization vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 4.9 |
| 2022-02-09 | CVE-2022-23622 | Cross-site Scripting vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 4.3 |
| 2022-02-09 | CVE-2022-23615 | Incorrect Authorization vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 5.5 |
| 2022-02-09 | CVE-2022-23616 | Injection vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 6.5 |
| 2022-02-09 | CVE-2022-23617 | Missing Authorization vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 4.0 |
| 2022-02-09 | CVE-2022-23618 | Open Redirect vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 5.8 |