PT-2025-14787 · Xwiki · Xwiki Jira Extension
Name of the Vulnerable Software and Affected Versions: XWiki JIRA extension versions prior to 8.6.5 Description: The issue allows any logged-in XWiki user to potentially access and display local files on the XWiki server host by exploiting the JIRA macro. This can be achieved by specifying a fake...