CNNVD-202506-1783 Information

CNNVD ID

CNNVD-202506-1783

Related CVE

CVE-2025-49581

• CNNVD Published: 2025-06-13

Description (Chinese)

XWiki Platform是XWiki开源的一套用于创建Web协作应用程序的Wiki平台。 XWiki Platform存在安全漏洞，该漏洞源于用户可通过定义wiki宏执行代码，可能导致远程代码执行。

Description (English)

XWiki Platform is an open source of XWiki ’ s Wiki platform for creating a Web collaborative application. There is a security loophole in XWiki Platform, which stems from the fact that the user can execute the code by defining the wiki macro, which may lead to remote code execution.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

XWiki

Published

2025-06-13

Last Modified

2026-02-24

References

https://github.com/xwiki/xwiki-platform/commit/c99d501ed41cbee6a3c02ff927714531570789de https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-9875-cw22-f7cx https://jira.xwiki.org/browse/XWIKI-22760 https://access.redhat.com/security/cve/cve-2025-49581

Patch

https://www.xwiki.org/xwiki/bin/view/Download/