2 matches found
The vulnerability of the XWiki platform for creating collaborative web applications lies in the lack of warnings about dangerous actions, allowing a violator to execute arbitrary code.
The vulnerability of the XWiki Platform lies in the modification of the XClass structure’s properties due to the absence of warnings about dangerous actions. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
CVE-2025-49585 XWiki does not require right warnings for XClass definitions
XWiki is a generic wiki platform. In versions before 15.10.16, 16.0.0-rc-1 through 16.4.6, and 16.5.0-rc-1 through 16.10.1, when an attacker without script or programming right creates an XClass definition in XWiki requires edit right, and that same document is later edited by a user with script,...