CNNVD-202508-3311 Information
CNNVD ID
CNNVD-202508-3311
Related CVE
- CNNVD Published: 2025-08-28
Description (Chinese)
XWiki Platform是XWiki开源的一套用于创建Web协作应用程序的Wiki平台。 XWiki Platform 16.4.8和17.4.0-rc-1之前版本存在安全漏洞,该漏洞源于PDF导出作业未加密存储敏感cookie。
Description (English)
XWiki Platform is an open source of XWiki ’ s Wiki platform for creating a Web collaborative application. A security loophole existed in the previous versions of XWiki Platform 16.4.8 and 17.4.0-rc-1, which originated from the unencrypted storage of sensitive cookies by PDF export operations.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
XWiki
Published
2025-08-28
Last Modified
2026-02-24
References
https://jira.xwiki.org/browse/XWIKI-23151 https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-9m7c-m33f-3429 https://github.com/xwiki/xwiki-platform/commit/60982ad0057b1701ed8297f28cad35d170686539 https://nvd.nist.gov/vuln/detail/CVE-2025-58049
Patch
https://www.xwiki.org/xwiki/bin/view/Main/WebHome
Share on: