CVE-2025-49594 | xwiki-contrib oidc up to 2.18.1 OpenID Connect Protocol improper authorization (GHSA-f2hf-pfrj-vrm7)
A vulnerability classified as critical has been found in xwiki-contrib oidc up to 2.18.1. It affects an unknown function of the OpenID Connect Protocol Handler component. Manipulating it leads to improper authorization.
This vulnerability is tracked as CVE-2025-49594. The attack can be carried out remotely. No exploit exists.
It is recommended to upgrade the affected component.