org.xwiki.platform:xwiki-platform-web (Maven) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the Maven package org.xwiki.platform:xwiki-platform-web, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (16)
CVE-2021-29459 — CVSS 9.6 (critical): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. It is possible to persistently…
CVE-2023-34464 — CVSS 9.0 (critical): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Starting in version 2.2.1 until…
CVE-2023-45137 — CVSS 9.0 (critical): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. `org.xwiki.platform:xwiki-platform-…
CVE-2023-45135 — CVSS 9.0 (critical): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In `org.xwiki.platform:xwiki-platfo…
CVE-2023-45134 — CVSS 9.0 (critical): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. `org.xwiki.platform:xwiki-platform-…
CVE-2023-29207 — CVSS 8.9 (high): XWiki Commons are technical libraries common to several other top level XWiki projects. The Livetable Macro wasn't properly sanitizing…
CVE-2022-36094 — CVSS 8.9 (high): XWiki Platform Web Parent POM contains Web resources for the XWiki platform, a generic wiki platform. Starting with version 1.0 and prior…
CVE-2022-36093 — CVSS 8.5 (high): XWiki Platform Web Templates are templates for XWiki Platform, a generic wiki platform. By passing a template of the distribution wizard to…
CVE-2022-36091 — CVSS 7.5 (high): XWiki Platform Web Templates are templates for XWiki Platform, a generic wiki platform. Through the suggestion feature, string and list…
CVE-2023-26473 — CVSS 6.5 (medium): XWiki Platform is a generic wiki platform. Starting in version 1.3-rc-1, any user with edit right can execute arbitrary database select and…
CVE-2022-41933 — CVSS 6.2 (medium): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. When the `reset a forgotten…
CVE-2026-26000 — CVSS 6.1 (medium): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Prior to 17.9.0, 17.4.6, and…
CVE-2022-24820 — CVSS 5.3 (medium): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. A guest user without the right to…
CVE-2022-23619 — CVSS 5.3 (medium): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions it's possible…
CVE-2021-32731 — CVSS 5.3 (medium): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Between (and including) versions…