CVE-2025-55748 | xwiki-platform up to 16.10.6 path traversal (GHSA-m63c-3rmg-r2cf)

September 3, 2025 Yanac

A vulnerability has been found in xwiki-platform up to 16.10.6 and classified as critical. Impacted is an unknown function. Performing manipulation results in relative path traversal.

This vulnerability is reported as CVE-2025-55748. The attack is possible to be carried out remotely. No exploit exists.

The affected component should be upgraded.VulDB Recent EntriesRead More

CVE-2025-58459 | global-build-stats Plugin up to 322.v22f4db_18e2dd on Jenkins REST API Endpoint permission
CVE-2025-56760 | Memos 0.22 CreateResource Endpoint path traversal