Vulnerability Name CVE Severity
XWikiplatform Improper Removal of Sensitive Information Before Storage or Transfer Vulnerability (CVE-2025-58049) CVE-2025-58049
XWikiplatform Improper Restriction of Rendered UI Layers or Frames Vulnerability (CVE-2026-26000) CVE-2026-26000
XWikiplatform Incorrect Authorization Vulnerability (CVE-2024-55662) CVE-2024-55662
XWikiplatform Incorrect Authorization Vulnerability (CVE-2025-29924) CVE-2025-29924
XWikiplatform Incorrect Authorization Vulnerability (CVE-2025-32971) CVE-2025-32971
XWikiplatform Incorrect Authorization Vulnerability (CVE-2025-49586) CVE-2025-49586
XWikiplatform Incorrect Authorization Vulnerability (CVE-2025-53836) CVE-2025-53836
XWikiplatform Incorrect Privilege Assignment Vulnerability (CVE-2025-49580) CVE-2025-49580
XWikiplatform Insertion of Sensitive Information Into Sent Data Vulnerability (CVE-2025-49584) CVE-2025-49584
XWikiplatform Insufficient UI Warning of Dangerous Operations Vulnerability (CVE-2025-49582) CVE-2025-49582
XWikiplatform Insufficient UI Warning of Dangerous Operations Vulnerability (CVE-2025-49583) CVE-2025-49583
XWikiplatform Insufficient UI Warning of Dangerous Operations Vulnerability (CVE-2025-49585) CVE-2025-49585
XWikiplatform Insufficient UI Warning of Dangerous Operations Vulnerability (CVE-2025-49587) CVE-2025-49587
XWikiplatform Missing Authorization Vulnerability (CVE-2024-31981) CVE-2024-31981
XWikiplatform Missing Authorization Vulnerability (CVE-2024-31983) CVE-2024-31983
XWikiplatform Missing Authorization Vulnerability (CVE-2024-31987) CVE-2024-31987
XWikiplatform Missing Authorization Vulnerability (CVE-2024-31997) CVE-2024-31997
XWikiplatform Missing Authorization Vulnerability (CVE-2024-37898) CVE-2024-37898
XWikiplatform Missing Authorization Vulnerability (CVE-2024-45591) CVE-2024-45591
XWikiplatform Missing Authorization Vulnerability (CVE-2024-55876) CVE-2024-55876
XWikiplatform Missing Authorization Vulnerability (CVE-2024-55879) CVE-2024-55879
XWikiplatform Missing Authorization Vulnerability (CVE-2025-23025) CVE-2025-23025
XWikiplatform Missing Authorization Vulnerability (CVE-2025-29926) CVE-2025-29926
XWikiplatform Missing Authorization Vulnerability (CVE-2025-32973) CVE-2025-32973
XWikiplatform Missing Authorization Vulnerability (CVE-2025-46554) CVE-2025-46554
XWikiplatform Missing Authorization Vulnerability (CVE-2025-46557) CVE-2025-46557
XWikiplatform Missing Authorization Vulnerability (CVE-2026-33229) CVE-2026-33229
XWikiplatform Other Vulnerability (CVE-2024-46978) CVE-2024-46978
XWikiplatform Other Vulnerability (CVE-2024-46979) CVE-2024-46979
XWikiplatform Other Vulnerability (CVE-2025-29925) CVE-2025-29925
XWikiplatform Other Vulnerability (CVE-2025-32783) CVE-2025-32783
XWiki Platform RCE (CVE-2023-37462) CVE-2023-37462
XWikiplatform Relative Path Traversal Vulnerability (CVE-2025-55747) CVE-2025-55747
XWikiplatform Relative Path Traversal Vulnerability (CVE-2025-55748) CVE-2025-55748
XWikiplatform URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2025-32970) CVE-2025-32970
XWikiplatform Use of Password Hash With Insufficient Computational Effort Vulnerability (CVE-2024-31464) CVE-2024-31464
XWiki Server-Side Request Forgery (SSRF) Vulnerability (CVE-2023-48240) CVE-2023-48240
XWiki Transmission of Private Resources into a New Sphere ('Resource Leak') Vulnerability (CVE-2023-38509) CVE-2023-38509
XWiki Uncontrolled Resource Consumption Vulnerability (CVE-2024-21651) CVE-2024-21651
XWiki URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2022-23618) CVE-2022-23618
XWiki URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2023-29204) CVE-2023-29204
XWiki URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2023-32068) CVE-2023-32068
XWiki Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2022-23619) CVE-2022-23619
XXE in Ivanti Connect Secure, Policy Secure and Neurons (CVE-2024-22024) CVE-2024-22024
YetiForce CRM Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-4092) CVE-2021-4092
YetiForce CRM Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2022-0269) CVE-2022-0269
YetiForce CRM Improper Input Validation Vulnerability (CVE-2021-4111) CVE-2021-4111
YetiForce CRM Improper Input Validation Vulnerability (CVE-2021-4117) CVE-2021-4117
YetiForce CRM Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2023-49508) CVE-2023-49508
YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-4107) CVE-2021-4107
YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-4116) CVE-2021-4116
YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-4121) CVE-2021-4121
YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-1340) CVE-2022-1340
YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-2829) CVE-2022-2829
YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-2885) CVE-2022-2885
YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-2890) CVE-2022-2890
YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-2924) CVE-2022-2924
YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-3000) CVE-2022-3000
YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-3002) CVE-2022-3002
YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-3004) CVE-2022-3004
YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-3005) CVE-2022-3005
YetiForce CRM Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-1411) CVE-2022-1411
Yii2 debug toolkit
Yii2 Gii extension
Yii2 weak secret key
Yii debug mode enabled
Yii running in dev mode
YOURLS Access of Resource Using Incompatible Type ('Type Confusion') Vulnerability (CVE-2019-14537) CVE-2019-14537
YOURLS Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2022-0088) CVE-2022-0088
YOURLS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3824) CVE-2011-3824
YOURLS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-8488) CVE-2014-8488
YOURLS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-27388) CVE-2020-27388
YOURLS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-3783) CVE-2021-3783
YOURLS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-3785) CVE-2021-3785
YOURLS Improper Restriction of Rendered UI Layers or Frames Vulnerability (CVE-2021-3734) CVE-2021-3734