CVE-2025-54990 | xwikisas application-admintools up to 1.0 on XWiki default permission (GHSA-v7r8-8p5c-h4xw)

Inserito da Angelo Barbosa | Nov 19, 2025 | CVE

A vulnerability was found in xwikisas application-admintools up to 1.0 on XWiki. It has been classified as critical. The impacted element is an unknown function. This manipulation causes incorrect default permissions.

This vulnerability is handled as CVE-2025-54990. The attack can be initiated remotely. There is not any exploit available.

Upgrading the affected component is recommended.

CVE-2025-54990 | xwikisas application-admintools up to 1.0 on XWiki default permission (GHSA-v7r8-8p5c-h4xw)

Post correlati

CVE-2024-49866 | Linux Kernel up to 5.15.167/6.1.112/6.6.54/6.10.13/6.11.2 on CPU0 timerlat cpu_device_down state issue

CVE-2024-4551 | YotuWP Video Gallery Plugin up to 1.3.13 on WordPress Shortcode file inclusion

CVE-2025-34304 | IPFire up to 2.29 HTTP POST Request ovpnclients.dat CONNECTION_NAME sql injection

CVE-2025-42975 | SAP NetWeaver Application Server ABAP up to SEM-BW 600 BIC Document cross site scripting