4 matches found
CVE-2025-66472
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Versions 6.2-milestone-1 through 16.10.9 and 17.0.0-rc-1 through 17.4.1 of both XWiki Platform Flamingo Skin Resources and XWiki Platform Web Templates are vulnerable to a reflected XSS attack...
CVE-2025-66472
XWiki DeleteApplication reflects XSS via a deletion confirmation message. Affected: XWiki Platform Flamingo Skin Resources and Web Templates from 6.2-milestone-1 through 16.10.9 and 17.0.0-rc-1 through 17.4.1. The attack executes attacker-supplied JavaScript when the victim clicks the No button. ...
CVE-2025-66472 XWiki vulnerable to a reflected XSS via xredirect parameter in DeleteApplication
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Versions 6.2-milestone-1 through 16.10.9 and 17.0.0-rc-1 through 17.4.1 of both XWiki Platform Flamingo Skin Resources and XWiki Platform Web Templates are vulnerable to a reflected XSS attack...
CVE-2025-66472 XWiki vulnerable to a reflected XSS via xredirect parameter in DeleteApplication
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Versions 6.2-milestone-1 through 16.10.9 and 17.0.0-rc-1 through 17.4.1 of both XWiki Platform Flamingo Skin Resources and XWiki Platform Web Templates are vulnerable to a reflected XSS attack...