CNNVD-202506-1792 Information
CNNVD ID
CNNVD-202506-1792
Related CVE
- CNNVD Published: 2025-06-13
Description (Chinese)
XWiki Platform是XWiki开源的一套用于创建Web协作应用程序的Wiki平台。 XWiki Platform 10.9至16.4.6版本、16.5.0-rc-1至16.10.2版本和17.0.0-rc-1版本存在安全漏洞,该漏洞源于REST API可访问页面标题,可能导致信息泄露。
Description (English)
XWiki Platform is an open source of XWiki ’ s Wiki platform for creating a Web collaborative application. XWiki Platform, versions 10.9 to 16.4.6, 16.5.0-rc-1 to 16.10.2 and 17.0.0-rc-1, contain security loopholes that originate from REST API-accessible page titles and may lead to the disclosure of information.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
XWiki
Published
2025-06-13
Last Modified
2026-02-24
References
https://github.com/xwiki/xwiki-platform/commit/ee642f973a7c95d2d146fe03c81bcdee1871f4ec https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-mvp5-qx9c-c3fv https://jira.xwiki.org/browse/XWIKI-22736 https://access.redhat.com/security/cve/cve-2025-49584
Patch
https://www.xwiki.org/xwiki/bin/view/Download/
Share on: