CVE-2025-32971 | xwiki xwiki-platform up to 15.10.12/16.4.3/16.7.x xcontext.dropPermissions authorization (GHSA-987p-r3jc-8c8v)

A vulnerability classified as problematic has been found in xwiki xwiki-platform up to 15.10.12/16.4.3/16.7.x. Affected is the function xcontext.dropPermissions. The manipulation leads to incorrect authorization.

This vulnerability is traded as CVE-2025-32971. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More