Xwiki Xwiki-commons
9 CVEs affecting Xwiki Xwiki-commons. Latest disclosed: 2026-05-20. Critical: 6, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-31996 | Critical | 10.0 | 2024-04-10 | XWiki Platform is a generic wiki platform. Starting in version 3.0.1 and prior to versions 4.10.19, 15.5.4, and 15.10-rc-1, the HTML escaping of escaping tool… |
CVE-2023-26055 | Critical | 10.0 | 2023-03-02 | XWiki Commons are technical libraries common to several other top level XWiki projects. Starting in version 3.1-milestone-1, any user can edit their own profil… |
CVE-2023-36471 | Critical | 9.1 | 2023-06-29 | Xwiki commons is the common modules used by other XWiki top level projects. The HTML sanitizer that is included in XWiki since version 14.6RC1 allowed form and… |
CVE-2023-31126 | Critical | 9.1 | 2023-05-09 | `org.xwiki.commons:xwiki-commons-xml` is an XML library used by the open-source wiki platform XWiki. The HTML sanitizer, introduced in version 14.6-rc-1, allow… |
CVE-2023-29528 | Critical | 9.1 | 2023-04-20 | XWiki Commons are technical libraries common to several other top level XWiki projects. The "restricted" mode of the HTML cleaner in XWiki, introduced in versi… |
CVE-2023-29201 | Critical | 9.1 | 2023-04-15 | XWiki Commons are technical libraries common to several other top level XWiki projects. The "restricted" mode of the HTML cleaner in XWiki, introduced in versi… |
CVE-2022-24897 | High | 7.5 | 2022-05-02 | APIs to evaluate content with Velocity is a package for APIs to evaluate content with Velocity. Starting with version 2.3 and prior to 12.6.7, 12.10.3, and 13… |
CVE-2022-24898 | Medium | 4.9 | 2022-04-28 | org.xwiki.commons:xwiki-commons-xml is a common module used by other XWiki top level projects. Starting in version 2.7 and prior to versions 12.10.10, 13.4.4… |
CVE-2026-23734 | | 2026-05-20 | XWiki Platform is a generic wiki platform. Versions prior to 18.1.0-rc-1, 17.10.3, 17.4.9, and 16.10.17 allow access to read configuration files by using URLs… |