Homepage

org.xwiki.platform:xwiki-platform-web-templates vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the org.xwiki.platform:xwiki-platform-web-templates package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • C
SQL Injection

[,16.10.6)[17.0.0-rc-1,17.3.0-rc-1)
  • H
Improper Encoding or Escaping of Output

[11.10.6,13.10.5)[14.0-rc-1,14.3-rc-1)
  • M
Improper Privilege Management

[,15.10-rc-1)
  • M
Cross-site Scripting (XSS)

[11.8-rc-1,15.10.8)[16.0.0-rc-1,16.3.0-rc-1)
  • M
Cross-site Scripting (XSS)

[12.0-rc-1,14.10.12)[15.0-rc-1,15.5-rc-1)
  • C
Cross-site Scripting (XSS)

[,14.10.12)[15.0-rc-1,15.5-rc-1)
  • C
Cross-site Scripting (XSS)

[,14.10.12)[15.0-rc-1,15.5-rc1)
  • C
Improper Encoding or Escaping of Output

[,14.10.12)[15.0-rc-1,15.5-rc-1)
  • C
Cross-site Scripting (XSS)

[4.1-milestone-2,14.10.5)[15.0-rc-1,15.1-rc-1)
  • C
Cross-site Scripting (XSS)

[2.5-milestone-2,14.10.5)[15.0-rc-1,15.1-rc-1)
  • C
Cross-site Scripting (XSS)

[3.4-milestone-1,14.10.5)[15.0-rc-1,15.1-rc-1)
  • M
Cross-site Scripting (XSS)

[,14.4.8)[14.5,14.10.5)[15.0-rc-1,15.1-rc-1)
  • C
Improper Encoding or Escaping of Output

[2.2-milestone-1,14.4.8)[14.10,14.10.4)
  • M
Access Control Bypass

[8.0-rc-1,14.10.1)
  • C
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

[7.0-rc-1,14.4.8)[14.5,14.10.3)
  • H
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

[,13.10.11)[14.0-rc-1,14.4.8)[14.5,14.10.1)
  • H
Cross-site Scripting (XSS)

[1.9-milestone-2,13.10.10)[14.0-rc-1,14.4.6)[14.5,14.9)
  • L
Information Exposure

[13.9-rc-1,13.10.8)[14.0-rc-1,14.4.3)[14.5,14.7-rc-1)
  • M
Access Control Bypass

[1.3-rc-1,13.10.11)[14.0-rc-1,14.10)
  • M
Cross-site Request Forgery (CSRF)

[,13.10.6)[14.0-rc-1,14.4-rc-1)
  • M
Cross-site Scripting (XSS)

[,13.10.6)[14.0-rc-1,14.3-rc-1)
  • H
Authentication Bypass

[,13.10.5)[14.0-rc-1,14.3-rc-1)
  • H
Improper Authorization

[,13.10.4)[14.0-rc-1,14.3-rc-1)
  • M
Information Exposure

[,12.10.11)[13.0,13.4.4)[13.5-rc-1,13.9-rc-1)
  • M
Information Exposure

[,12.10.11)[13.0,13.4.4)[13.5-rc-1,13.9-rc-1)
  • H
Cross-site Scripting (XSS)

[,12.10.11)[13.0,13.4.7)[13.5-rc-1,14.0-rc-1)