CVE-2025-49583 | xwiki-platform up to 15.10.15/16.4.6/16.10.1 privilege context switching error (GHSA-ff6v-w58f-v97w)

Inserito da Angelo Barbosa | Giu 13, 2025 | CVE

A vulnerability classified as problematic has been found in xwiki-platform up to 15.10.15/16.4.6/16.10.1. Affected is an unknown function of the component XWiki.Notifications.Code.NotificationEmailRendererClass. The manipulation leads to privilege context switching error.

This vulnerability is traded as CVE-2025-49583. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-49583 | xwiki-platform up to 15.10.15/16.4.6/16.10.1 privilege context switching error (GHSA-ff6v-w58f-v97w)

Post correlati

CVE-2023-41665 | GiveWP Plugin up to 2.33.0 on WordPress privileges management

CVE-2024-34091 | Archer Platform prior 2024.04 Trusted Application Data Store cross site scripting

CVE-2023-6963 | Getwid Gutenberg Blocks Plugin up to 2.0.4 on WordPress Captcha improper authorization

CVE-2024-28589 | Axigen Mail Server up to 10.5.18 on Windows uncontrolled search path