Xwiki Xwiki-platform
228 CVEs affecting Xwiki Xwiki-platform. Latest disclosed: 2026-05-20. Critical: 101, High: 43.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-55877 | Critical | 10.0 | 2024-12-12 | XWiki Platform is a generic wiki platform. Starting in version 9.7-rc-1 and prior to versions 15.10.11, 16.4.1, and 16.5.0, any user with an account can perfor… |
CVE-2024-55662 | Critical | 10.0 | 2024-12-12 | XWiki Platform is a generic wiki platform. Starting in version 3.3-milestone-1 and prior to versions 15.10.9 and 16.3.0, on instances where `Extension Reposito… |
CVE-2024-37901 | Critical | 10.0 | 2024-07-31 | XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user with edit right on any page can perform arbit… |
CVE-2024-38369 | Critical | 10.0 | 2024-06-24 | XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. The content of a document included using `{{include re… |
CVE-2024-31997 | Critical | 10.0 | 2024-04-10 | XWiki Platform is a generic wiki platform. Prior to versions 4.10.19, 15.5.4, and 15.10-rc-1, parameters of UI extensions are always interpreted as Velocity co… |
CVE-2024-31987 | Critical | 10.0 | 2024-04-10 | XWiki Platform is a generic wiki platform. Starting in version 6.4-milestone-1 and prior to versions 4.10.19, 15.5.4, and 15.10-rc-1, any user who can edit any… |
CVE-2024-31984 | Critical | 10.0 | 2024-04-10 | XWiki Platform is a generic wiki platform. Starting in version 7.2-rc-1 and prior to versions 4.10.20, 15.5.4, and 15.10-rc-1, by creating a document with a sp… |
CVE-2024-31983 | Critical | 10.0 | 2024-04-10 | XWiki Platform is a generic wiki platform. In multilingual wikis, translations can be edited by any user who has edit right, circumventing the rights that are… |
CVE-2024-31982 | Critical | 10.0 | 2024-04-10 | XWiki Platform is a generic wiki platform. Starting in version 2.4-milestone-1 and prior to versions 4.10.20, 15.5.4, and 15.10-rc-1, XWiki's database search a… |
CVE-2024-31981 | Critical | 10.0 | 2024-04-10 | XWiki Platform is a generic wiki platform. Starting in version 3.0.1 and prior to versions 4.10.20, 15.5.4, and 15.10-rc-1, remote code execution is possible v… |
CVE-2024-31465 | Critical | 10.0 | 2024-04-10 | XWiki Platform is a generic wiki platform. Starting in version 5.0-rc-1 and prior to versions 14.10.20, 15.5.4, and 15.9-rc-1, any user with edit right on any… |
CVE-2024-21650 | Critical | 10.0 | 2024-01-08 | XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. XWiki is vulnerable to a remote code execution (RCE) a… |
CVE-2023-50723 | Critical | 10.0 | 2023-12-15 | XWiki Platform is a generic wiki platform. Starting in 2.3 and prior to versions 14.10.15, 15.5.2, and 15.7-rc-1, anyone who can edit an arbitrary wiki page in… |
CVE-2023-50721 | Critical | 10.0 | 2023-12-15 | XWiki Platform is a generic wiki platform. Starting in 4.5-rc-1 and prior to versions 14.10.15, 15.5.2, and 15.7-rc-1, the search administration interface does… |
CVE-2023-46243 | Critical | 10.0 | 2023-11-07 | XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions it's possible for a user to execu… |
CVE-2023-46731 | Critical | 10.0 | 2023-11-06 | XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. XWiki doesn't properly escape the section URL paramete… |
CVE-2023-37913 | Critical | 10.0 | 2023-10-25 | XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Starting in version 3.5-milestone-1 and prior to versi… |
CVE-2023-37909 | Critical | 10.0 | 2023-10-25 | XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Starting in version 5.1-rc-1 and prior to versions 14… |
CVE-2023-37462 | Critical | 10.0 | 2023-07-14 | XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Improper escaping in the document `SkinsCode.XWikiSkin… |
CVE-2023-36468 | Critical | 10.0 | 2023-06-29 | XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. When an XWiki installation is upgraded and that upgrad… |