| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2021-32729 | A user without PR can reset user authentication failures information | xwiki | xwiki-platform | Low | 2.0 | 2021-07-01 16:45:11 | Deep Dive |
| CVE-2021-32620 | Users registered with email verification can self re-activate their disabled accounts | xwiki | xwiki-platform | High | 8.8 | 2021-05-28 21:05:15 | Deep Dive |
| CVE-2021-32621 | Script injection without script or programming rights through Gadget titles | xwiki | xwiki-platform | High | 8.8 | 2021-05-28 21:05:11 | Deep Dive |
| CVE-2021-29459 | XSS Cross Site Scripting | xwiki | xwiki-platform | Critical | 9.6 | 2021-04-20 18:30:22 | Deep Dive |
| CVE-2021-21380 | Rating Script Service expose XWiki to SQL injection | xwiki | xwiki-platform | High | 7.7 | 2021-03-23 22:45:15 | Deep Dive |
| CVE-2021-21379 | It's possible to execute anything with the rights of the author of a macro which uses the {{wikimacrocontent}} macro | xwiki | xwiki-platform | High | 7.7 | 2021-03-12 17:30:15 | Deep Dive |
| CVE-2020-15252 | RCE in XWiki | xwiki | xwiki-platform | High | 8.5 | 2020-10-16 16:55:17 | Deep Dive |
| CVE-2020-15171 | Users with SCRIPT rights can execute arbitrary code in XWiki | xwiki | xwiki-platform | Medium | 6.6 | 2020-09-10 19:40:13 | Deep Dive |
| CVE-2020-11057 | Code Injection in XWiki Platform | xwiki | XWiki Platform | Critical | 9.9 | 2020-05-12 20:55:13 | Deep Dive |