VYPR

Maven package

org.xwiki.platform/xwiki-platform-security-requiredrights-default

pkg:maven/org.xwiki.platform/xwiki-platform-security-requiredrights-default

Vulnerabilities (3)

  • CVE-2025-49585Jun 13, 2025
    affected < 15.10.16fixed 15.10.16

    XWiki is a generic wiki platform. In versions before 15.10.16, 16.0.0-rc-1 through 16.4.6, and 16.5.0-rc-1 through 16.10.1, when an attacker without script or programming right creates an XClass definition in XWiki (requires edit right), and that same document is later edited by

  • CVE-2025-49582Jun 13, 2025
    affected >= 15.9-rc-1, < 16.4.7fixed 16.4.7

    XWiki is a generic wiki platform. When editing content that contains "dangerous" macros like malicious script macros that were authored by a user with fewer rights, XWiki warns about the execution of these macros since XWiki 15.9RC1. These required rights analyzers that trigger t

  • CVE-2025-32974Apr 30, 2025
    affected >= 15.9-rc-1, < 15.10.8fixed 15.10.8

    XWiki is a generic wiki platform. In versions starting from 15.9-rc-1 to before 15.10.8 and from 16.0.0-rc-1 to before 16.2.0, the required rights analysis doesn't consider TextAreas with default content type. When editing a page, XWiki warns since version 15.9 when there is cont