XWikiplatform Vulnerability - CVE-2025-55749 - Vulnerability Database

XWikiplatform Vulnerability - CVE-2025-55749

High

Reference: CVE-2025-55749

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2025-55749

Title: XWikiplatform Vulnerability

Overview:

XWiki is an open-source wiki software platform. From 16.7.0 to 16.10.11 17.4.4 or 17.7.0 in an instance which is using the XWiki Jetty package (XJetty) a context is exposed to statically access any file located in the webapp/ folder. It allows accessing files which might contains credentials. Fixed in 16.10.11 17.4.4 and 17.7.0.