pkg:Maven/org.xwiki.platform:xwiki-platform-legacy-oldcore

5 total CVEsCRITICAL1HIGH1

✅ Check your installed version

All known vulnerabilities

  • CRITICAL9.9CVE-2023-26474XWiki Platform vulnerable to privilege escalation via properties with wiki syntax that are executed with wrong author
    >= 13.10, < 13.10.11
  • HIGH8.2CVE-2026-40104XWiki's REST APIs can list all pages/spaces, leading to unavailability
    >= 1.8-rc-1, < 16.10.16
  • CVE-2026-33229XWiki vulnerable to remote code execution with script right through unprotected Velocity scripting API
    >= 17.0.0-rc-1, < 17.4.8
  • CVE-2025-54125XWiki exposes passwords and emails stored in fields not named password/email in xml.vm
    >= 1.1, < 16.4.7
  • CVE-2025-54124XWiki leaks password hashes and other accessible password properties
    >= 9.8-rc-1, < 16.4.7