CVE-2025-46554 | xwiki-platform up to 14.10.21/15.10.11/16.4.2/16.6.x REST Endpoint authorization

Inserito da Angelo Barbosa | Apr 30, 2025 | CVE

A vulnerability classified as problematic was found in xwiki-platform up to 14.10.21/15.10.11/16.4.2/16.6.x. Affected by this vulnerability is an unknown functionality of the component REST Endpoint. The manipulation leads to missing authorization.

This vulnerability is known as CVE-2025-46554. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-46554 | xwiki-platform up to 14.10.21/15.10.11/16.4.2/16.6.x REST Endpoint authorization

Post correlati

CVE-2024-28804 | Italtel i-MCS NFV 12.1.0-20211215 POST Request cross site scripting

CVE-2024-40640 | matrix-org vodozemac up to 0.6.x Base64 Encoding timing discrepancy

CVE-2024-2047 | ElementsKit Elementor Addons Plugin up to 3.0.6 on WordPress render_raw file inclusion

CVE-2024-2874 | GitLab Community Edition/Enterprise Edition up to 16.10.5/16.11.2/17.0.0 Description resource consumption (Issue 451911)