CVE-2025-54125 | xwiki-platform up to 16.4.6/16.10.4/17.1.x templates/xml.vm exposure of private personal information to an unauthorized actor (GHSA-57q2-6cp4-9mq3)

A vulnerability, which was classified as problematic, was found in xwiki-platform up to 16.4.6/16.10.4/17.1.x. Affected is an unknown function of the file templates/xml.vm. The manipulation leads to exposure of private personal information to an unauthorized actor.

This vulnerability is traded as CVE-2025-54125. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More