Xwiki Rendering
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Xwiki Rendering.
By the Year
In 2025 there have been 0 vulnerabilities in Xwiki Rendering. Rendering did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 1 | 6.10 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Rendering vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Xwiki Rendering Security Vulnerabilities
XWiki Platform is a generic wiki platform
CVE-2023-32070
6.1 - Medium
- May 10, 2023
XWiki Platform is a generic wiki platform. Prior to version 14.6-rc-1, HTML rendering didn't check for dangerous attributes/attribute values. This allowed cross-site scripting (XSS) attacks via attributes and link URLs, e.g., supported in XWiki syntax. This has been patched in XWiki 14.6-rc-1. There are no known workarounds apart from upgrading to a fixed version.
Improper Neutralization of Script in Attributes in a Web Page
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Xwiki Rendering or by Xwiki? Click the Watch button to subscribe.
