Exposición de XWiki
Wikis334
score de exposición
39
sitios usan
1
en explotación
121
críticos
CVEs
245 resultadosCVE-2023-34467HIGHXWiki Platform may retrieve email addresses of all users EPSS 1.0%CVE-2021-32732HIGHCross-Site Request Forgery in xwiki-platformEPSS 0.9%CVE-2025-46554MEDIUMXWiki missing authorization when accessing the wiki level attachments list and metadata via REST APIEPSS 0.9%CVE-2023-29206CRITICALorg.xwiki.platform:xwiki-platform-skin-skinx vulnerable to basic Cross-site Scripting by exploiting JSX or SSX pluginsEPSS 0.9%CVE-2022-23620MEDIUMPath traversal in xwiki-platform-skin-skinxEPSS 0.9%CVE-2022-23617MEDIUMMissing authorization in xwiki-platformEPSS 0.9%CVE-2023-29208HIGHData leak through deleted documents EPSS 0.9%CVE-2022-29252HIGHCross-site Scripting in XWiki Platform Wiki UI Main WikiEPSS 0.9%CVE-2022-29258HIGHCross-site Scripting in Filter Stream Converter Application in XWiki PlatformEPSS 0.9%CVE-2022-23621MEDIUMMissing authorization in xwiki-platformEPSS 0.9%CVE-2023-26471CRITICALXWiki Platform users may execute anything with superadmin right through comments and async macroEPSS 0.9%CVE-2025-29925HIGHXWiki allows unregistered users to access private pages information through REST endpointEPSS 0.9%CVE-2023-36471CRITICALHTML sanitizer allows form elements in restricted in org.xwiki.commons:xwiki-commons-xmlEPSS 0.9%CVE-2023-29507CRITICALorg.xwiki.platform:xwiki-platform-oldcore makes Incorrect Use of Privileged APIs with DocumentAuthorsEPSS 0.9%CVE-2023-26476HIGHTwo XWiki Platform UIs Expose Sensitive Information to an Unauthorized ActorEPSS 0.9%CVE-2022-36090HIGHorg.xwiki.platform:xwiki-platform-oldcore Improper Authorization check for inactive usersEPSS 0.9%CVE-2025-66474HIGHXWiki vulnerable to remote code execution through insufficient protection against {{/html}} injectionEPSS 0.9%CVE-2021-43841MEDIUMXSS by SVG upload in xwiki-platformEPSS 0.9%CVE-2023-26470MEDIUMIn XWiki Platform, saving a document with a large object number leads to persistent OOM errorsEPSS 0.9%CVE-2023-34465CRITICALXWiki Platform's Mail.MailConfig can be edited by any user with edit rightsEPSS 0.9%
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →