org.xwiki.platform:xwiki-platform-web-templates (Maven) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the Maven package org.xwiki.platform:xwiki-platform-web-templates, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (24)
CVE-2023-29512 — CVSS 9.9 (critical): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user with edit rights on a…
CVE-2023-35160 — CVSS 9.6 (critical): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Users are able to forge an URL…
CVE-2023-35159 — CVSS 9.6 (critical): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Users are able to forge an URL…
CVE-2023-45136 — CVSS 9.6 (critical): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. When document names are validated…
CVE-2023-45134 — CVSS 9.0 (critical): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. `org.xwiki.platform:xwiki-platform-…
CVE-2024-43401 — CVSS 9.0 (critical): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. A user without script/programming…
CVE-2024-41947 — CVSS 9.0 (critical): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. By creating a conflict when…
CVE-2023-45137 — CVSS 9.0 (critical): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. `org.xwiki.platform:xwiki-platform-…
CVE-2023-45135 — CVSS 9.0 (critical): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In `org.xwiki.platform:xwiki-platfo…
CVE-2023-34464 — CVSS 9.0 (critical): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Starting in version 2.2.1 until…
CVE-2023-40176 — CVSS 9.0 (critical): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any registered user can exploit a…
CVE-2023-29207 — CVSS 8.9 (high): XWiki Commons are technical libraries common to several other top level XWiki projects. The Livetable Macro wasn't properly sanitizing…
CVE-2022-36093 — CVSS 8.5 (high): XWiki Platform Web Templates are templates for XWiki Platform, a generic wiki platform. By passing a template of the distribution wizard to…
CVE-2022-36091 — CVSS 7.5 (high): XWiki Platform Web Templates are templates for XWiki Platform, a generic wiki platform. Through the suggestion feature, string and list…
CVE-2022-23622 — CVSS 7.4 (high): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions there is a…
CVE-2022-41933 — CVSS 6.2 (medium): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. When the `reset a forgotten…
CVE-2025-32430 — CVSS 6.1 (medium): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In versions 4.2-milestone-3…
CVE-2026-40105 — CVSS 6.1 (medium): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Versions 10.4-rc-1, through…
CVE-2026-24128 — CVSS 6.1 (medium): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Versions 7.0-milestone-2 through…
CVE-2025-66472 — CVSS 6.1 (medium): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Versions 6.2-milestone-1 through…
CVE-2022-24819 — CVSS 5.3 (medium): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. A guest user without the right to…
CVE-2023-29513 — CVSS 5.0 (medium): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. If guest has view right on any…
CVE-2022-36095 — CVSS 4.3 (medium): XWiki Platform is a generic wiki platform. Prior to versions 13.10.5 and 14.3, it is possible to perform a Cross-Site Request Forgery…
CVE-2023-29203 — CVSS 3.7 (low): XWiki Commons are technical libraries common to several other top level XWiki projects. It's possible to list some users who are normally…