CNNVD-202509-240 Information
CNNVD ID
CNNVD-202509-240
Related CVE
- CNNVD Published: 2025-09-03
Description (Chinese)
XWiki Platform是XWiki开源的一套用于创建Web协作应用程序的Wiki平台。 XWiki Platform 6.1-milestone-2至16.10.6版本存在安全漏洞,该漏洞源于配置文件可通过webjars API访问。
Description (English)
XWiki Platform is an open source of XWiki ’ s Wiki platform for creating a Web collaborative application. Security loopholes exist in versions 6.1-milestone-2 to 16.10.6 of the XWiki Platform, which originate from the fact that the configuration document can be accessed through webjars API.
Hazard Level
Low
Vulnerability Type
其他
Affected Vendor
XWiki
Published
2025-09-03
Last Modified
2026-02-24
References
https://github.com/xwiki/xwiki-platform/commit/9e7b4c03f2143978d891109a17159f73d4cdd318#diff-45ea9c87d5fb68cd5db0da7f78cf25e76f1325f5fe56e21618b21786fc706236R80-R81 https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-qww7-89xh-x7m7 https://jira.xwiki.org/browse/XWIKI-19350
Patch
https://www.xwiki.org/xwiki/bin/view/Main/WebHome
Share on: