6 matches found
EUVD-2025-18299
Malicious code in bioql PyPI...
GHSA-59W6-R9HM-439H XWiki does not require right warnings for XClass definitions
Impact When an attacker without script or programming right creates an XClass definition in XWiki requires edit right, and that same document is later edited by a user with script, admin, or programming right, malicious code could be executed with the rights of the editing user without prior...
XWiki does not require right warnings for XClass definitions
Impact When an attacker without script or programming right creates an XClass definition in XWiki requires edit right, and that same document is later edited by a user with script, admin, or programming right, malicious code could be executed with the rights of the editing user without prior...
CVE-2025-49585 XWiki does not require right warnings for XClass definitions
XWiki is a generic wiki platform. In versions before 15.10.16, 16.0.0-rc-1 through 16.4.6, and 16.5.0-rc-1 through 16.10.1, when an attacker without script or programming right creates an XClass definition in XWiki requires edit right, and that same document is later edited by a user with script,...
CVE-2025-49585
XWiki vulnerability CVE-2025-49585 affects multiple pre-patched releases: before 15.10.16, 16.0.0-rc-1 → 16.4.6, and 16.5.0-rc-1 → 16.10.1. An attacker with no script/programming rights can create an XClass definition (requires edit rights), and if the same document is later edited by someone wit...
CVE-2025-49585 XWiki does not require right warnings for XClass definitions
XWiki is a generic wiki platform. In versions before 15.10.16, 16.0.0-rc-1 through 16.4.6, and 16.5.0-rc-1 through 16.10.1, when an attacker without script or programming right creates an XClass definition in XWiki requires edit right, and that same document is later edited by a user with script,...