CNNVD-202508-2320 Information

CNNVD ID

CNNVD-202508-2320

Related CVE

CVE-2025-51991

• CNNVD Published: 2025-08-20

Description (Chinese)

XWiki Platform是XWiki开源的一套用于创建Web协作应用程序的Wiki平台。 XWiki Platform 17.3.0及之前版本存在安全漏洞，该漏洞源于服务器端模板注入，可能导致执行任意模板逻辑。

Description (English)

XWiki Platform is an open source of XWiki ’ s Wiki platform for creating a Web collaborative application. There is a security gap in XWiki Platform 17.3 and previous versions, which stems from the injection of server-end templates, which may lead to the implementation of any template logic.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

XWiki

Published

2025-08-20

Last Modified

2026-02-24

References

https://xwiki.org https://github.com/malcxlmj/cve-writeups/blob/main/CVE-2025-51991.md https://access.redhat.com/security/cve/cve-2025-51991 https://nvd.nist.gov/vuln/detail/CVE-2025-51991

Patch

https://www.xwiki.org/xwiki/bin/view/Main/WebHome