VYPR

Maven package

org.xwiki.platform/xwiki-platform-lesscss-script

pkg:maven/org.xwiki.platform/xwiki-platform-lesscss-script

Vulnerabilities (1)

  • CVE-2025-32972Apr 30, 2025
    affected >= 6.1-milestone-1, < 15.10.12fixed 15.10.12

    XWiki is a generic wiki platform. In versions starting from 6.1-milestone-1 to before 15.10.12, from 16.0.0-rc-1 to before 16.4.3, and from 16.5.0-rc-1 to before 16.8.0-rc-1, the script API of the LESS compiler in XWiki is incorrectly checking for rights when calling the cache cl