Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo

CMS

XWikiplatform

XWiki is a free and Open source wiki software platform written in Java with a design emphasis on extensibility. XWiki is an enterprise wiki. It includes WYSIWYG editing OpenDocument-based document import/export annotations and tagging and advanced permissions management.

Official Site:

https://xwiki.com/

Severity Summary:

Critical: 24 High: 102 Medium: 86 Low: 4
Reference
Title
Severity
CVE-2023-29526
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection) Vulnerability
High
CVE-2020-13654
XWiki Improper Encoding or Escaping of Output Vulnerability
High
CVE-2023-29516
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection) Vulnerability
High
CVE-2023-29213
XWiki Cross-Site Request Forgery (CSRF) Vulnerability
High
CVE-2023-29518
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection) Vulnerability
High
CVE-2023-29519
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection) Vulnerability
High
CVE-2023-29523
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection) Vulnerability
High
CVE-2023-29527
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection) Vulnerability
High
CVE-2023-29522
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection) Vulnerability
High
CVE-2023-29512
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection) Vulnerability
High
CVE-2023-29510
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection) Vulnerability
High
CVE-2023-29525
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection) Vulnerability
High
CVE-2023-29514
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection) Vulnerability
High
CVE-2023-29524
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection) Vulnerability
High
CVE-2024-37901
XWikiplatform Improper Control of Generation of Code (Code Injection) Vulnerability
High
CVE-2023-29521
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection) Vulnerability
High
CVE-2025-48063
XWikiplatform Vulnerability
High
CVE-2023-29214
XWiki Improper Control of Generation of Code (Code Injection) Vulnerability
High
CVE-2022-41930
XWiki Missing Authorization Vulnerability
High
CVE-2022-24821
XWiki Incorrect Use of Privileged APIs Vulnerability
High
CVE-2022-23619
XWiki Weak Password Recovery Mechanism for Forgotten Password Vulnerability
High
CVE-2020-15252
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection) Vulnerability
High
CVE-2022-36090
XWiki Other Vulnerability
High
CVE-2022-31166
XWiki Vulnerability
High
CVE-2022-36092
XWiki Improper Authentication Vulnerability
High
CVE-2022-36093
XWiki Improper Authentication Vulnerability
High
CVE-2021-21380
XWiki Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2022-41936
XWiki Exposure of Private Personal Information to an Unauthorized Actor Vulnerability
High
CVE-2022-41937
XWiki Missing Authorization Vulnerability
High
CVE-2022-41927
XWiki Cross-Site Request Forgery (CSRF) Vulnerability
High