CVE-2025-55749

Vulnerability Description

XWiki is an open-source wiki software platform. From 16.7.0 to 16.10.11, 17.4.4, or 17.7.0, in an instance which is using the XWiki Jetty package (XJetty), a context is exposed to statically access any file located in the webapp/ folder. It allows accessing files which might contains credentials. Fixed in 16.10.11, 17.4.4, and 17.7.0.

Vulnerability Details

Published Date

December 01, 2025

Last Modified

December 02, 2025

Source

NVD

CVE-2025-55749

Vulnerability Description

Vulnerability Details

Discussion (0)

Add Comment