Vulnerability Name CVE Severity
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29526) CVE-2023-29526
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29527) CVE-2023-29527
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-36469) CVE-2023-36469
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-36470) CVE-2023-36470
XWiki Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-4641) CVE-2010-4641
XWiki Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-21380) CVE-2021-21380
XWiki Improper Preservation of Permissions Vulnerability (CVE-2021-21379) CVE-2021-21379
XWiki Improper Privilege Management Vulnerability (CVE-2023-26475) CVE-2023-26475
XWiki Improper Privilege Management Vulnerability (CVE-2023-34465) CVE-2023-34465
XWiki Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2023-26476) CVE-2023-26476
XWiki Improper Restriction of XML External Entity Reference Vulnerability (CVE-2023-27480) CVE-2023-27480
XWiki Inadequate Encryption Strength Vulnerability (CVE-2022-29161) CVE-2022-29161
XWiki Incomplete Cleanup Vulnerability (CVE-2023-36468) CVE-2023-36468
XWiki Incorrect Authorization Vulnerability (CVE-2021-32620) CVE-2021-32620
XWiki Incorrect Authorization Vulnerability (CVE-2022-23615) CVE-2022-23615
XWiki Incorrect Authorization Vulnerability (CVE-2023-26056) CVE-2023-26056
XWiki Incorrect Authorization Vulnerability (CVE-2023-32069) CVE-2023-32069
XWiki Incorrect Authorization Vulnerability (CVE-2023-46244) CVE-2023-46244
XWiki Incorrect Authorization Vulnerability (CVE-2023-50732) CVE-2023-50732
XWiki Incorrect Authorization Vulnerability (CVE-2024-38369) CVE-2024-38369
XWiki Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2021-32729) CVE-2021-32729
XWiki Incorrect Use of Privileged APIs Vulnerability (CVE-2022-24821) CVE-2022-24821
XWiki Insufficiently Protected Credentials Vulnerability (CVE-2022-41933) CVE-2022-41933
XWiki Missing Authentication for Critical Function Vulnerability (CVE-2022-24820) CVE-2022-24820
XWiki Missing Authorization Vulnerability (CVE-2022-23617) CVE-2022-23617
XWiki Missing Authorization Vulnerability (CVE-2022-31167) CVE-2022-31167
XWiki Missing Authorization Vulnerability (CVE-2022-36091) CVE-2022-36091
XWiki Missing Authorization Vulnerability (CVE-2022-41929) CVE-2022-41929
XWiki Missing Authorization Vulnerability (CVE-2022-41930) CVE-2022-41930
XWiki Missing Authorization Vulnerability (CVE-2022-41937) CVE-2022-41937
XWiki Missing Authorization Vulnerability (CVE-2023-37910) CVE-2023-37910
XWiki Missing Authorization Vulnerability (CVE-2023-41046) CVE-2023-41046
XWiki Missing Authorization Vulnerability (CVE-2024-43401) CVE-2024-43401
XWiki Other Vulnerability (CVE-2022-36090) CVE-2022-36090
XWiki Other Vulnerability (CVE-2022-41935) CVE-2022-41935
XWiki Other Vulnerability (CVE-2023-26478) CVE-2023-26478
XWiki Other Vulnerability (CVE-2023-29507) CVE-2023-29507
XWiki Out-of-bounds Write Vulnerability (CVE-2023-26470) CVE-2023-26470
XWiki Permissions, Privileges, and Access Controls Vulnerability (CVE-2006-7223) CVE-2006-7223
XWikiplatform Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2025-66473) CVE-2025-66473
XWikiplatform Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2026-40104) CVE-2026-40104
XWikiplatform Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-31985) CVE-2024-31985
XWikiplatform Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-31986) CVE-2024-31986
XWikiplatform Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-31988) CVE-2024-31988
XWikiplatform CVE-2025-32972 Vulnerability (CVE-2025-32972) CVE-2025-32972
XWikiplatform CVE-2025-48063 Vulnerability (CVE-2025-48063) CVE-2025-48063
XWikiplatform CVE-2025-55749 Vulnerability (CVE-2025-55749) CVE-2025-55749
XWikiplatform Exposure of Private Personal Information to an Unauthorized Actor Vulnerability (CVE-2025-54124) CVE-2025-54124
XWikiplatform Exposure of Private Personal Information to an Unauthorized Actor Vulnerability (CVE-2025-54125) CVE-2025-54125
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-31465) CVE-2024-31465
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-31982) CVE-2024-31982
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-31984) CVE-2024-31984
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-31996) CVE-2024-31996
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-37899) CVE-2024-37899
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-37900) CVE-2024-37900
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-37901) CVE-2024-37901
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-55877) CVE-2024-55877
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2025-24893) CVE-2025-24893
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2025-49581) CVE-2025-49581
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2025-51991) CVE-2025-51991
XWikiplatform Improper Encoding or Escaping of Output Vulnerability (CVE-2024-55663) CVE-2024-55663
XWikiplatform Improper Encoding or Escaping of Output Vulnerability (CVE-2025-32974) CVE-2025-32974
XWikiplatform Improper Input Validation Vulnerability (CVE-2025-54385) CVE-2025-54385
XWikiplatform Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-41947) CVE-2024-41947
XWikiplatform Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-32430) CVE-2025-32430
XWikiplatform Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-46558) CVE-2025-46558
XWikiplatform Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-51990) CVE-2025-51990
XWikiplatform Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-53835) CVE-2025-53835
XWikiplatform Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-66472) CVE-2025-66472
XWikiplatform Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2026-24128) CVE-2026-24128
XWikiplatform Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) Vulnerability (CVE-2026-40105) CVE-2026-40105
XWikiplatform Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2024-56158) CVE-2024-56158
XWikiplatform Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2025-32429) CVE-2025-32429
XWikiplatform Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2025-32968) CVE-2025-32968
XWikiplatform Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2025-32969) CVE-2025-32969