Vulnerability Name CVE Severity
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-29212) CVE-2023-29212
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-29214) CVE-2023-29214
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-29509) CVE-2023-29509
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-30537) CVE-2023-30537
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-35150) CVE-2023-35150
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-35152) CVE-2023-35152
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-37909) CVE-2023-37909
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-37914) CVE-2023-37914
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-40177) CVE-2023-40177
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-46243) CVE-2023-46243
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-50721) CVE-2023-50721
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-50723) CVE-2023-50723
XWiki Improper Encoding or Escaping of Output Vulnerability (CVE-2020-13654) CVE-2020-13654
XWiki Improper Encoding or Escaping of Output Vulnerability (CVE-2022-36099) CVE-2022-36099
XWiki Improper Encoding or Escaping of Output Vulnerability (CVE-2022-36100) CVE-2022-36100
XWiki Improper Encoding or Escaping of Output Vulnerability (CVE-2022-41934) CVE-2022-41934
XWiki Improper Encoding or Escaping of Output Vulnerability (CVE-2023-26472) CVE-2023-26472
XWiki Improper Encoding or Escaping of Output Vulnerability (CVE-2023-45135) CVE-2023-45135
XWiki Improper Handling of Insufficient Privileges Vulnerability (CVE-2024-21648) CVE-2024-21648
XWiki Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2023-37913) CVE-2023-37913
XWiki Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') Vulnerability (CVE-2022-41928) CVE-2022-41928
XWiki Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') Vulnerability (CVE-2022-41931) CVE-2022-41931
XWiki Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') Vulnerability (CVE-2023-29511) CVE-2023-29511
XWiki Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') Vulnerability (CVE-2023-37462) CVE-2023-37462
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-50722) CVE-2023-50722
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-15252) CVE-2020-15252
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29510) CVE-2023-29510
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29512) CVE-2023-29512
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29514) CVE-2023-29514
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29516) CVE-2023-29516
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29518) CVE-2023-29518
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29519) CVE-2023-29519
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29521) CVE-2023-29521
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29522) CVE-2023-29522
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29523) CVE-2023-29523
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29524) CVE-2023-29524
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29525) CVE-2023-29525
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29526) CVE-2023-29526
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29527) CVE-2023-29527
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-36469) CVE-2023-36469
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-36470) CVE-2023-36470
XWiki Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-4641) CVE-2010-4641
XWiki Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-21380) CVE-2021-21380
XWiki Improper Privilege Management Vulnerability (CVE-2023-26475) CVE-2023-26475
XWiki Improper Privilege Management Vulnerability (CVE-2023-34465) CVE-2023-34465
XWiki Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2023-26476) CVE-2023-26476
XWiki Improper Restriction of XML External Entity Reference Vulnerability (CVE-2023-27480) CVE-2023-27480
XWiki Incomplete Cleanup Vulnerability (CVE-2023-36468) CVE-2023-36468
XWiki Incorrect Authorization Vulnerability (CVE-2023-32069) CVE-2023-32069
XWiki Incorrect Authorization Vulnerability (CVE-2023-46244) CVE-2023-46244
XWiki Incorrect Use of Privileged APIs Vulnerability (CVE-2022-24821) CVE-2022-24821
XWiki Missing Authorization Vulnerability (CVE-2022-36091) CVE-2022-36091
XWiki Missing Authorization Vulnerability (CVE-2022-41930) CVE-2022-41930
XWiki Missing Authorization Vulnerability (CVE-2022-41937) CVE-2022-41937
XWiki Missing Authorization Vulnerability (CVE-2023-37910) CVE-2023-37910
XWiki Missing Authorization Vulnerability (CVE-2024-43401) CVE-2024-43401
XWiki Other Vulnerability (CVE-2022-36090) CVE-2022-36090
XWiki Other Vulnerability (CVE-2023-26478) CVE-2023-26478
XWiki Other Vulnerability (CVE-2023-29507) CVE-2023-29507
XWiki Out-of-bounds Write Vulnerability (CVE-2023-26470) CVE-2023-26470
XWikiplatform Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-31986) CVE-2024-31986
XWikiplatform Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-31988) CVE-2024-31988
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-31465) CVE-2024-31465
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-31984) CVE-2024-31984
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-37899) CVE-2024-37899
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-37901) CVE-2024-37901
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-55877) CVE-2024-55877
XWikiplatform Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2025-32968) CVE-2025-32968
XWikiplatform Incorrect Authorization Vulnerability (CVE-2024-55662) CVE-2024-55662
XWikiplatform Incorrect Authorization Vulnerability (CVE-2025-29924) CVE-2025-29924
XWikiplatform Missing Authorization Vulnerability (CVE-2024-31981) CVE-2024-31981
XWikiplatform Missing Authorization Vulnerability (CVE-2024-31983) CVE-2024-31983
XWikiplatform Missing Authorization Vulnerability (CVE-2024-31987) CVE-2024-31987
XWikiplatform Missing Authorization Vulnerability (CVE-2024-31997) CVE-2024-31997
XWikiplatform Missing Authorization Vulnerability (CVE-2024-55879) CVE-2024-55879