PT-2025-35831 · Xwiki · Xwiki Platform
Tmortagne
·
Published
2025-09-03
·
Updated
2025-10-17
·
CVE-2025-55747
CVSS v2.0
9.4
Critical
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:N |
Name of the Vulnerable Software and Affected Versions
XWiki Platform versions 6.1-milestone-2 through 16.10.6
Description
The XWiki Platform is a generic wiki platform. Affected versions allow access to configuration files through the webjars API. This issue is resolved in version 16.10.7.
Recommendations
Update to version 16.10.7 or later.
Exploit
Fix
Relative Path Traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Xwiki Platform