VYPR

Maven package

org.xwiki.platform/xwiki-platform-security-authorization-api

pkg:maven/org.xwiki.platform/xwiki-platform-security-authorization-api

Vulnerabilities (1)

  • CVE-2025-29924Mar 19, 2025
    affected >= 6.1-rc-1, < 15.10.14fixed 15.10.14

    XWiki Platform is a generic wiki platform. Prior to 15.10.14, 16.4.6, and 16.10.0-rc-1, it's possible for an user to get access to private information through the REST API - but could also be through another API - when a sub wiki is using "Prevent unregistered users to view pages