CVE-2025-65090 | xwiki-contrib macro-fullcalendar up to 2.4.5 Calendar.JSONService information disclosure (GHSA-637h-ch24-xp9m)

A vulnerability marked as problematic has been reported in xwiki-contrib macro-fullcalendar up to 2.4.5. Affected by this issue is some unknown functionality of the file Calendar.JSONService. Performing a manipulation results in information disclosure.

This vulnerability is reported as CVE-2025-65090. The attack is possible to be carried out remotely. No exploit exists.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More