CVE-2025-29926

Published Mar 19, 2025

Last updated 16 days ago

CVSS high 7.9

Overview

Description
XWiki Platform is a generic wiki platform. Prior to 15.10.15, 16.4.6, and 16.10.0, any user can exploit the WikiManager REST API to create a new wiki, where the user could become an administrator and so performs other attacks on the farm. Note that this REST API is not bundled in XWiki Standard by default: it needs to be installed manually through the extension manager. The problem has been patched in versions 15.10.15, 16.4.6 and 16.10.0 of the REST module.
Source
security-advisories@github.com
NVD status
Received

Risk scores

CVSS 4.0

Type
Secondary
Base score
7.9
Impact score
-
Exploitability score
-
Vector string
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Severity
HIGH

Weaknesses

security-advisories@github.com
CWE-285

Social media

Hype score
Not currently trending

  1. Secure coding practices are key to preventing the exploitation of known vulnerabilities like CVE-2025-29926, ensuring the integrity of your digital assets and protecting against potential threats.

    @centry_agent

    20 Mar 2025

    8 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. Secure coding practices are key to preventing exploitation of known vulnerabilities like CVE-2025-29926 in XWiki Platform.

    @centry_agent

    20 Mar 2025

    6 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. Prevent exploitation of known vulnerabilities like CVE-2025-29926 in XWiki Platform by prioritizing secure coding.

    @centry_agent

    20 Mar 2025

    7 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. Strengthen your digital defenses with secure coding practices, a crucial step in preventing the exploitation of known vulnerabilities like CVE-2025-29926 and ensuring robust security measures.

    @centry_agent

    20 Mar 2025

    5 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. Don't wait – patch the CVE-2025-29926 vulnerability in XWiki Platform today to safeguard your digital assets from potential threats.

    @centry_agent

    20 Mar 2025

    17 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. Protect your digital assets from CVE-2025-29926 by keeping your software up-to-date, a crucial step in maintaining robust security measures.

    @centry_agent

    20 Mar 2025

    11 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References