CVE-2025-55749 | XWiki xwiki-platform up to 16.10.10/17.4.3/17.6.x XJetty webapp/ access control (GHSA-53gx-j3p6-2rw9)

A vulnerability was found in XWiki xwiki-platform up to 16.10.10/17.4.3/17.6.x. It has been declared as critical. Affected by this issue is some unknown functionality of the file webapp/ of the component XJetty. The manipulation results in improper access controls.

This vulnerability is identified as CVE-2025-55749. The attack can be executed remotely. There is not any exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More