CVE-2025-58365 | xwiki-contrib application-blog up to 9.13 Content eval injection

Inserito da Angelo Barbosa | Set 8, 2025 | CVE

A vulnerability classified as critical was found in xwiki-contrib application-blog up to 9.13. The affected element is an unknown function. Such manipulation of the argument Content leads to improper neutralization of directives in dynamically evaluated code.

This vulnerability is referenced as CVE-2025-58365. It is possible to launch the attack remotely. No exploit is available.

Upgrading the affected component is advised.

CVE-2025-58365 | xwiki-contrib application-blog up to 9.13 Content eval injection

Post correlati

CVE-2024-32083 | Varun Kumar Easy Logo Plugin up to 1.9.3 on WordPress cross site scripting

CVE-2021-47484 | Linux Kernel up to 5.14.15 octeontx2-af rvu_debugfs.c null pointer dereference (f1e3cd1cc802/c2d4c543f74c)

CVE-2022-43915 | IBM App Connect Enterprise Certified Container up to 12.1 permission assignment (XFDB-241037)

CVE-2024-33880 | VirtoSoftware Virto Bulk File Download for SharePoint 2019 5.5.44 Download.ashx information disclosure