Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/12/11 10:1 p.m.4 views

CVE-2025-66472

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Versions 6.2-milestone-1 through 16.10.9 and 17.0.0-rc-1 through 17.4.1 of both XWiki Platform Flamingo Skin Resources and XWiki Platform Web Templates are vulnerable to a reflected XSS attack...

6.5CVSS6.2AI score0.00463EPSS
Exploits1References1
CVE
CVE
added 2025/12/10 9:34 p.m.80 views

CVE-2025-66472

XWiki DeleteApplication reflects XSS via a deletion confirmation message. Affected: XWiki Platform Flamingo Skin Resources and Web Templates from 6.2-milestone-1 through 16.10.9 and 17.0.0-rc-1 through 17.4.1. The attack executes attacker-supplied JavaScript when the victim clicks the No button. ...

6.5CVSS5.8AI score0.00463EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2025/12/10 9:34 p.m.2 views

CVE-2025-66472 XWiki vulnerable to a reflected XSS via xredirect parameter in DeleteApplication

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Versions 6.2-milestone-1 through 16.10.9 and 17.0.0-rc-1 through 17.4.1 of both XWiki Platform Flamingo Skin Resources and XWiki Platform Web Templates are vulnerable to a reflected XSS attack...

6.5CVSS5.8AI score0.00463EPSS
Exploits1References3
OSV
OSV
added 2025/12/10 9:34 p.m.4 views

CVE-2025-66472 XWiki vulnerable to a reflected XSS via xredirect parameter in DeleteApplication

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Versions 6.2-milestone-1 through 16.10.9 and 17.0.0-rc-1 through 17.4.1 of both XWiki Platform Flamingo Skin Resources and XWiki Platform Web Templates are vulnerable to a reflected XSS attack...

6.5CVSS6.1AI score0.00463EPSS
Exploits1References5
Rows per page
Query Builder