org.xwiki.platform:xwiki-platform-web-templates vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the org.xwiki.platform:xwiki-platform-web-templates package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • H
Improper Encoding or Escaping of Output

[11.10.6,13.10.5)[14.0-rc-1,14.3-rc-1)
  • M
Improper Privilege Management

[,15.10-rc-1)
  • M
Cross-site Scripting (XSS)

[11.8-rc-1,15.10.8)[16.0.0-rc-1,16.3.0-rc-1)
  • M
Cross-site Scripting (XSS)

[12.0-rc-1,14.10.12)[15.0-rc-1,15.5-rc-1)
  • C
Cross-site Scripting (XSS)

[,14.10.12)[15.0-rc-1,15.5-rc-1)
  • C
Cross-Site Scripting (XSS)

[,14.10.12)[15.0-rc-1,15.5-rc1)
  • C
Improper Encoding or Escaping of Output

[,14.10.12)[15.0-rc-1,15.5-rc-1)
  • C
Cross-site Scripting (XSS)

[4.1-milestone-2,14.10.5)[15.0-rc-1,15.1-rc-1)
  • C
Cross-site Scripting (XSS)

[2.5-milestone-2,14.10.5)[15.0-rc-1,15.1-rc-1)
  • C
Cross-site Scripting (XSS)

[3.4-milestone-1,14.10.5)[15.0-rc-1,15.1-rc-1)
  • M
Cross-site Scripting (XSS)

[,14.4.8)[14.5,14.10.5)[15.0-rc-1,15.1-rc-1)
  • C
Improper Encoding or Escaping of Output

[2.2-milestone-1,14.4.8)[14.10,14.10.4)
  • M
Access Control Bypass

[8.0-rc-1,14.10.1)
  • C
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

[7.0-rc-1,14.4.8)[14.5,14.10.3)
  • H
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

[,13.10.11)[14.0-rc-1,14.4.8)[14.5,14.10.1)
  • H
Cross-site Scripting (XSS)

[1.9-milestone-2,13.10.10)[14.0-rc-1,14.4.6)[14.5,14.9)
  • L
Information Exposure

[13.9-rc-1,13.10.8)[14.0-rc-1,14.4.3)[14.5,14.7-rc-1)
  • M
Access Control Bypass

[1.3-rc-1,13.10.11)[14.0-rc-1,14.10)
  • M
Cross-site Request Forgery (CSRF)

[,13.10.6)[14.0-rc-1,14.4-rc-1)
  • M
Cross-site Scripting (XSS)

[,13.10.6)[14.0-rc-1,14.3-rc-1)
  • H
Authentication Bypass

[,13.10.5)[14.0-rc-1,14.3-rc-1)
  • H
Improper Authorization

[,13.10.4)[14.0-rc-1,14.3-rc-1)
  • M
Information Exposure

[,12.10.11)[13.0,13.4.4)[13.5-rc-1,13.9-rc-1)
  • M
Information Exposure

[,12.10.11)[13.0,13.4.4)[13.5-rc-1,13.9-rc-1)
  • H
Cross-site Scripting (XSS)

[,12.10.11)[13.0,13.4.7)[13.5-rc-1,14.0-rc-1)