Vulnerability Name CVE Severity
XWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-32732) CVE-2021-32732
XWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2022-36095) CVE-2022-36095
XWiki CVE-2023-26473 Vulnerability (CVE-2023-26473) CVE-2023-26473
XWiki CVE-2023-50720 Vulnerability (CVE-2023-50720) CVE-2023-50720
XWiki Exposure of Private Personal Information to an Unauthorized Actor Vulnerability (CVE-2022-24819) CVE-2022-24819
XWiki Exposure of Resource to Wrong Sphere Vulnerability (CVE-2023-29203) CVE-2023-29203
XWiki Exposure of Resource to Wrong Sphere Vulnerability (CVE-2023-37911) CVE-2023-37911
XWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-32731) CVE-2021-32731
XWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2023-34466) CVE-2023-34466
XWiki Files or Directories Accessible to External Parties Vulnerability (CVE-2022-23621) CVE-2022-23621
XWiki Improper Access Control Vulnerability (CVE-2023-29513) CVE-2023-29513
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2021-32621) CVE-2021-32621
XWiki Improper Encoding or Escaping of Output Vulnerability (CVE-2022-23620) CVE-2022-23620
XWiki Improper Handling of Exceptional Conditions Vulnerability (CVE-2023-26479) CVE-2023-26479
XWiki Improper Handling of Exceptional Conditions Vulnerability (CVE-2023-29520) CVE-2023-29520
XWiki Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-24897) CVE-2022-24897
XWiki Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-29253) CVE-2022-29253
XWiki Improper Neutralization of Alternate XSS Syntax Vulnerability (CVE-2023-35158) CVE-2023-35158
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-4642) CVE-2010-4642
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-16277) CVE-2018-16277
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-3137) CVE-2021-3137
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-29459) CVE-2021-29459
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-23622) CVE-2022-23622
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-29251) CVE-2022-29251
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-29252) CVE-2022-29252
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-29258) CVE-2022-29258
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-36097) CVE-2022-36097
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-26480) CVE-2023-26480
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-29205) CVE-2023-29205
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-29206) CVE-2023-29206
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-29506) CVE-2023-29506
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-29508) CVE-2023-29508
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-29515) CVE-2023-29515
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-32070) CVE-2023-32070
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-34464) CVE-2023-34464
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-35153) CVE-2023-35153
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-35155) CVE-2023-35155
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-35156) CVE-2023-35156
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-35157) CVE-2023-35157
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-35159) CVE-2023-35159
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-35160) CVE-2023-35160
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-35161) CVE-2023-35161
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-35162) CVE-2023-35162
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-36477) CVE-2023-36477
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-40176) CVE-2023-40176
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-45137) CVE-2023-45137
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-46732) CVE-2023-46732
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-43400) CVE-2024-43400
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-15171) CVE-2020-15171
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2022-23616) CVE-2022-23616
XWiki Improper Preservation of Permissions Vulnerability (CVE-2021-21379) CVE-2021-21379
XWiki Incorrect Authorization Vulnerability (CVE-2021-32620) CVE-2021-32620
XWiki Incorrect Authorization Vulnerability (CVE-2022-23615) CVE-2022-23615
XWiki Incorrect Authorization Vulnerability (CVE-2023-26056) CVE-2023-26056
XWiki Incorrect Authorization Vulnerability (CVE-2023-50732) CVE-2023-50732
XWiki Incorrect Authorization Vulnerability (CVE-2024-38369) CVE-2024-38369
XWiki Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2021-32729) CVE-2021-32729
XWiki Insufficiently Protected Credentials Vulnerability (CVE-2022-41933) CVE-2022-41933
XWiki Missing Authentication for Critical Function Vulnerability (CVE-2022-24820) CVE-2022-24820
XWiki Missing Authorization Vulnerability (CVE-2022-23617) CVE-2022-23617
XWiki Missing Authorization Vulnerability (CVE-2022-31167) CVE-2022-31167
XWiki Missing Authorization Vulnerability (CVE-2022-41929) CVE-2022-41929
XWiki Missing Authorization Vulnerability (CVE-2023-41046) CVE-2023-41046
XWiki Other Vulnerability (CVE-2022-41935) CVE-2022-41935
XWiki Permissions, Privileges, and Access Controls Vulnerability (CVE-2006-7223) CVE-2006-7223
XWikiplatform Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-31985) CVE-2024-31985
XWikiplatform CVE-2025-32972 Vulnerability (CVE-2025-32972) CVE-2025-32972
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-37900) CVE-2024-37900
XWikiplatform Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-41947) CVE-2024-41947
XWikiplatform Missing Authorization Vulnerability (CVE-2024-37898) CVE-2024-37898
XWikiplatform Missing Authorization Vulnerability (CVE-2024-45591) CVE-2024-45591
XWikiplatform Missing Authorization Vulnerability (CVE-2024-55876) CVE-2024-55876
XWikiplatform Other Vulnerability (CVE-2024-46978) CVE-2024-46978
XWikiplatform Other Vulnerability (CVE-2024-46979) CVE-2024-46979
XWikiplatform Other Vulnerability (CVE-2025-29925) CVE-2025-29925