Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

CMS

XWikiplatform

XWiki is a free and Open source wiki software platform written in Java with a design emphasis on extensibility. XWiki is an enterprise wiki. It includes WYSIWYG editing OpenDocument-based document import/export annotations and tagging and advanced permissions management.

Official Site:

https://xwiki.com/

Severity Summary:

Critical: 24 High: 101 Medium: 86 Low: 4
Reference
Title
Severity
CVE-2023-34465
XWiki Improper Privilege Management Vulnerability
High
CVE-2023-46242
XWiki Cross-Site Request Forgery (CSRF) Vulnerability
High
CVE-2023-46244
XWiki Incorrect Authorization Vulnerability
High
CVE-2023-40573
XWiki Vulnerability
High
CVE-2023-36468
XWiki Incomplete Cleanup Vulnerability
High
CVE-2023-36469
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection) Vulnerability
High
CVE-2023-37462
XWiki Improper Neutralization of Directives in Dynamically Evaluated Code (Eval Injection) Vulnerability
High
CVE-2023-45135
XWiki Improper Encoding or Escaping of Output Vulnerability
High
CVE-2023-36470
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection) Vulnerability
High
CVE-2023-26478
XWiki Other Vulnerability
High
CVE-2023-26470
XWiki Out-of-bounds Write Vulnerability
High
CVE-2020-11057
XWiki Improper Control of Generation of Code (Code Injection) Vulnerability
High
CVE-2023-40177
XWiki Improper Control of Generation of Code (Code Injection) Vulnerability
High
CVE-2022-36091
XWiki Missing Authorization Vulnerability
High
CVE-2023-37914
XWiki Improper Control of Generation of Code (Code Injection) Vulnerability
High
CVE-2023-48241
XWiki Vulnerability
High
CVE-2023-48240
XWiki Server-Side Request Forgery (SSRF) Vulnerability
High
CVE-2023-50719
XWiki Cleartext Storage of Sensitive Information Vulnerability
High
CVE-2023-35152
XWiki Improper Control of Generation of Code (Code Injection) Vulnerability
High
CVE-2023-29527
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection) Vulnerability
High
CVE-2023-37909
XWiki Improper Control of Generation of Code (Code Injection) Vulnerability
High
CVE-2023-32069
XWiki Incorrect Authorization Vulnerability
High
CVE-2024-21648
XWiki Improper Handling of Insufficient Privileges Vulnerability
High
CVE-2022-41934
XWiki Improper Encoding or Escaping of Output Vulnerability
High
CVE-2023-37910
XWiki Missing Authorization Vulnerability
High
CVE-2022-36099
XWiki Improper Encoding or Escaping of Output Vulnerability
High
CVE-2022-36100
XWiki Improper Encoding or Escaping of Output Vulnerability
High
CVE-2023-35166
XWiki Vulnerability
High
CVE-2023-37913
XWiki Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
High
CVE-2023-50721
XWiki Improper Control of Generation of Code (Code Injection) Vulnerability
High