CVE-2025-32973 | xwiki xwiki-platform up to 15.10.11/16.4.2/16.7.x XWiki.ComponentClass authorization (GHSA-x7wv-5qg4-vmr6)

Inserito da Angelo Barbosa | Apr 30, 2025 | CVE

A vulnerability was found in xwiki xwiki-platform up to 15.10.11/16.4.2/16.7.x. It has been classified as problematic. Affected is the function XWiki.ComponentClass. The manipulation leads to missing authorization.

This vulnerability is traded as CVE-2025-32973. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-32973 | xwiki xwiki-platform up to 15.10.11/16.4.2/16.7.x XWiki.ComponentClass authorization (GHSA-x7wv-5qg4-vmr6)

Post correlati

CVE-2024-31165 | Open Networking Foundation libfluid 0.1.0 unpack unchecked return value to null pointer dereference

CVE-2024-6296 | Stackable Plugin up to 3.13.1 on WordPress cross site scripting

CVE-2024-39123 | janeczku Calibre-Web up to 0.6.21 edit_book_comments cross site scripting

CVE-2024-37018 | OpenDaylight 0.15.3 Discovery Packet unknown vulnerability