CVE-2025-49580 | xwiki-platform up to 8.0-milestone-0/16.4.6/16.10.3/17.1.0-rc-0 privileges assignment (GHSA-jm43-hrq7-r7w6 / EUVD-2025-18286)

A vulnerability was found in xwiki-platform up to 8.0-milestone-0/16.4.6/16.10.3/17.1.0-rc-0 and classified as critical. This issue affects some unknown processing. The manipulation leads to incorrect privilege assignment.

The identification of this vulnerability is CVE-2025-49580. The attack may be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More