CNNVD-202506-1785 Information
CNNVD ID
CNNVD-202506-1785
Related CVE
- CNNVD Published: 2025-06-13
Description (Chinese)
XWiki Platform是XWiki开源的一套用于创建Web协作应用程序的Wiki平台。 XWiki Platform存在安全漏洞,该漏洞源于权限分析器不完整,可能导致隐藏恶意内容。
Description (English)
XWiki Platform is an open source of XWiki ’ s Wiki platform for creating a Web collaborative application. There is a security loophole in XWiki Platform, which stems from the incomplete terms analyser and may lead to the concealment of malicious content.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
XWiki
Published
2025-06-13
Last Modified
2026-02-24
References
https://github.com/xwiki/xwiki-platform/commit/0a705e8e253cb871b804e25c53b2bde879c886bd https://github.com/xwiki/xwiki-platform/commit/3d451e957fe2b14459e9ac64172b4a0e4c46971c https://github.com/xwiki/xwiki-platform/commit/abdcefc0db27035b67329add836fd683e0cf92b8 https://github.com/xwiki/xwiki-platform/commit/cc74dc802efe0e2d3fa2ba3355dbadc51c5fd8c7 https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-c32m-27pj-4xcj https://jira.xwiki.org/browse/XWIKI-22758 https://jira.xwiki.org/browse/XWIKI-22759 https://jira.xwiki.org/browse/XWIKI-22763 https://jira.xwiki.org/browse/XWIKI-22799 https://access.redhat.com/security/cve/cve-2025-49582
Patch
https://www.xwiki.org/xwiki/bin/view/Download/
Share on: