PT-2025-25433 · Xwiki

Michael Hamann · Published 2025-02-07 · Updated 2025-09-03

CVE-2025-49582

CVSS v2.0: 9.0 (High)
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions

XWiki versions prior to 16.4.7
XWiki versions prior to 16.10.3
XWiki versions prior to 17.0.0

The three ranges correspond to the 16.4.x, 16.10.x and 17.0.0 release lines; each line is fixed in the version named.
Description

XWiki is a generic wiki platform. Since XWiki 15.9 RC1 it warns about the execution of "dangerous" macros, such as malicious script macros authored by a user with fewer rights than the user who is about to save the page. However, the required-rights analyzers that trigger these warnings are incomplete, allowing an attacker to hide malicious content: the existing analyzers do not consider parameter names that are not lowercase, and most macro parameters that can contain XWiki syntax were not analyzed at all. In XWiki, scripts in a page run with the rights of the page's last author, so a malicious user can add script macros, including Groovy or Python macros, to a page in a place the analyzers do not inspect; once another user with programming rights edits and saves the page without being warned, the hidden macro executes with programming rights, giving remote code execution on the server.
Recommendations

For versions prior to 16.4.7, update to version 16.4.7 or later.
For versions prior to 16.10.3, update to version 16.10.3 or later.
For versions prior to 17.0.0, update to version 17.0.0 or later.

As a temporary workaround, be careful when editing content authored by untrusted users: inspect the page source, including macro parameter values, for script macros before saving it under a privileged account.
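The analyzer gap described above, and the kind of pre-edit audit the workaround calls for, as an added illustration that is not XWiki's own code: a simplified scanner over XWiki 2.x macro syntax run two ways over the same pages. The naive pass only descends into macro parameters whose names appear, in exact lowercase, on a short list (here just `title`, a constructed list), which models both flaws named in the advisory; the hardened pass descends into every parameter value regardless of casing. The macro-syntax handling, the sample pages, the `box` macro and its parameters used in them, and the set of script macro names (Groovy and Python from the advisory, plus XWiki's velocity and script macros) are assumptions made for this example; which real macro parameters XWiki's analyzers missed is not stated on this page.

```python
"""Simplified scanner for script macros hidden in XWiki 2.x macro syntax.

Added example, not XWiki's required-rights analyzer.  Two passes over the
same pages show the gap in the advisory: a checker keyed on a short list of
exact-lowercase parameter names misses a script macro placed in a parameter
written with different casing, or in a parameter the list never covered.
"""
import re

# Assumption: macros an admin treats as dangerous.  Groovy and Python are the
# ones the advisory names; velocity and script are XWiki's other script macros.
SCRIPT_MACROS = {"groovy", "python", "velocity", "script"}

# Constructed list for the naive pass: the only parameter it believes can hold
# wiki syntax, compared case-sensitively.
NAIVE_WIKI_PARAMS = {"title"}

# Subset of the syntax handled: {{name a="v" B='v'}}content{{/name}} and
# {{name a="v"/}}.  Parameter values may themselves contain macros.
_START = re.compile(
    r"\{\{(?P<name>[A-Za-z][\w-]*)"
    r"(?P<params>(?:\s+[A-Za-z_][\w-]*\s*=\s*(?:\"[^\"]*\"|'[^']*'))*)"
    r"\s*(?P<selfclose>/)?\}\}"
)
_PARAM = re.compile(r"([A-Za-z_][\w-]*)\s*=\s*(?:\"([^\"]*)\"|'([^']*)')")


def _parse_macros(text):
    """Yield (name, [(param, value), ...], content) for each top-level macro.

    Simplification: nested macros with the same name are not handled.
    """
    pos = 0
    while (m := _START.search(text, pos)) is not None:
        name = m.group("name")
        params = [(p.group(1), p.group(2) if p.group(2) is not None else p.group(3))
                  for p in _PARAM.finditer(m.group("params"))]
        if m.group("selfclose"):
            yield name, params, ""
            pos = m.end()
            continue
        closer = re.compile(r"\{\{/" + re.escape(name) + r"\s*\}\}", re.IGNORECASE)
        end = closer.search(text, m.end())
        if end is None:
            # Unterminated macro: treat the rest of the text as its content.
            yield name, params, text[m.end():]
            return
        yield name, params, text[m.end():end.start()]
        pos = end.end()


def find_script_macros(text, scan_param):
    """Return the script macros reachable from text.

    scan_param(name) decides whether a macro parameter's value is treated as
    wiki syntax and descended into; macro content is always descended into.
    """
    found = []
    for name, params, content in _parse_macros(text):
        if name.lower() in SCRIPT_MACROS:
            found.append(name.lower())
            continue  # its content is code, not wiki syntax
        for pname, value in params:
            if scan_param(pname):
                found.extend(find_script_macros(value, scan_param))
        found.extend(find_script_macros(content, scan_param))
    return found


def naive_scan(text):
    """Models the incomplete analyzer: exact-case match against a short list."""
    return find_script_macros(text, lambda p: p in NAIVE_WIKI_PARAMS)


def hardened_scan(text):
    """Descends into every parameter value, whatever its name or casing."""
    return find_script_macros(text, lambda p: True)


# Constructed sample pages; the box macro and its parameters are placeholders.
SAMPLES = {
    "lowercase-param": '{{box title="{{groovy}}println 1{{/groovy}}"}}text{{/box}}',
    "mixed-case-param": '{{box Title="{{groovy}}println 1{{/groovy}}"}}text{{/box}}',
    "unlisted-param": '{{box cssClass="{{python}}print(1){{/python}}"/}}',
    "clean": '{{box title="Hello"}}{{info}}no scripts here{{/info}}{{/box}}',
}


def audit(pages):
    """Map page name -> (naive hits, hardened hits) so the gap is visible."""
    return {name: (naive_scan(src), hardened_scan(src)) for name, src in pages.items()}


if __name__ == "__main__":
    for name, (naive, hardened) in audit(SAMPLES).items():
        print(f"{name:17} naive={naive} hardened={hardened}")
```

Run directly, the script prints both results per sample page: the naive pass sees the Groovy macro only when it sits in a lowercase `title` parameter, while the hardened pass also catches `Title` and the unlisted `cssClass`. Descending into every parameter value will also flag parameters the wiki never renders as syntax, which is the right trade-off for an audit a privileged user runs before saving someone else's content.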

Exploit · Fix · RCE

Weakness Enumeration

Protection Mechanism Failure

Related Identifiers

BDU:2025-06833
CVE-2025-49582
GHSA-C32M-27PJ-4XCJ

Affected Products

Xwiki