Org.xwiki.platform:xwiki-platform-rest-server
This hub aggregates every CVE we track for Org.xwiki.platform:xwiki-platform-rest-server, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
10
CVEs tracked
3
Critical
3
High
0
In CISA KEV
Severity distribution
MEDIUM4HIGH3CRITICAL3
Monthly trend
0
0
1
0
0
0
0
0
1
2
0
1
0
0
0
1
0
1
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 10 most recently published vulnerabilities affecting Org.xwiki.platform:xwiki-platform-rest-server.
- CVE-2025-66473XWiki's REST APIs don't enforce any limits, leading to unavailability and OOM in large wikis7.5
- CVE-2025-52472XWiki Platform vulnerable to HQL injection via wiki and space search REST API9.8
- CVE-2025-49584XWiki makes title of inaccessible pages available through the class property values REST API7.5
- CVE-2025-46554XWiki missing authorization when accessing the wiki level attachments list and metadata via REST API5.3
- CVE-2025-32969org.xwiki.platform:xwiki-platform-rest-server allows SQL injection in query endpoint of REST API9.8
- CVE-2025-29925XWiki allows unregistered users to access private pages information through REST endpoint5.3
- CVE-2024-45591XWiki Platform document history including authors of any page exposed to unauthorized actors5.3
- CVE-2023-37277XWiki Platform vulnerable to cross-site request forgery (CSRF) via the REST API9.6
- CVE-2023-35151XWiki Platform may show email addresses in clear in REST results7.5
- CVE-2022-41936Exposure of Private Personal Information to an Unauthorized Actor in xwiki-platform-rest-server5.3
Product normalization is registry-driven with AI assist and human review. How it works