8 matches found
CVE-2025-55749
XWiki is an open-source wiki software platform. From 16.7.0 to 16.10.11, 17.4.4, or 17.7.0, in an instance which is using the XWiki Jetty package XJetty, a context is exposed to statically access any file located in the webapp/ folder. It allows accessing files which might contains credentials...
CVE-2025-55749 The XWiki Jetty package (XJetty) allows accessing any application file through URL
XWiki is an open-source wiki software platform. From 16.7.0 to 16.10.11, 17.4.4, or 17.7.0, in an instance which is using the XWiki Jetty package XJetty, a context is exposed to statically access any file located in the webapp/ folder. It allows accessing files which might contains credentials...
CVE-2025-55749 The XWiki Jetty package (XJetty) allows accessing any application file through URL
XWiki is an open-source wiki software platform. From 16.7.0 to 16.10.11, 17.4.4, or 17.7.0, in an instance which is using the XWiki Jetty package XJetty, a context is exposed to statically access any file located in the webapp/ folder. It allows accessing files which might contains credentials...
CVE-2025-55749 The XWiki Jetty package (XJetty) allows accessing any application file through URL
XWiki is an open-source wiki software platform. From 16.7.0 to 16.10.11, 17.4.4, or 17.7.0, in an instance which is using the XWiki Jetty package XJetty, a context is exposed to statically access any file located in the webapp/ folder. It allows accessing files which might contains credentials...
CVE-2025-55749
XWiki Jetty package (XJetty) exposes a context that allows static access to files under webapp/, leading to information disclosure of potentially credential-bearing files. Affected versions are 16.7.0–16.10.11, 17.4.4, and 17.7.0. The issue is fixed in 16.10.11, 17.4.4, and 17.7.0. Connected data...
XWiki Jetty Package (XJetty) allows accessing any application file through URL
Impact In an instance which is using the XWiki Jetty package XJetty, a context is exposed to statically access any file located in the webapp/ folder. It allows accessing files which might contains credentials, like http://myhots/webapps/xwiki/WEB-INF/xwiki.cfg,...
GHSA-53GX-J3P6-2RW9 XWiki Jetty Package (XJetty) allows accessing any application file through URL
Impact In an instance which is using the XWiki Jetty package XJetty, a context is exposed to statically access any file located in the webapp/ folder. It allows accessing files which might contains credentials, like http://myhots/webapps/xwiki/WEB-INF/xwiki.cfg,...
PT-2025-48545
Name of the Vulnerable Software and Affected Versions XWiki versions 16.7.0 through 16.10.11 XWiki versions 17.4.0 through 17.4.4 XWiki version 17.7.0 Description XWiki, an open-source wiki software platform, has an issue where the XWiki Jetty package XJetty exposes a context allowing static acce...