CVE-2025-32972 | xwiki xwiki-platform up to 15.10.11/16.4.2/16.7.x Script API improper authorization (GHSA-rp38-24m3-rx87)

A vulnerability, which was classified as problematic, was found in xwiki xwiki-platform up to 15.10.11/16.4.2/16.7.x. This affects an unknown part of the component Script API. The manipulation leads to improper authorization.

This vulnerability is uniquely identified as CVE-2025-32972. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More