S4E

CVE-2025-55747 Scanner

CVE-2025-55747 Scanner - Local File Inclusion (LFI) vulnerability in XWiki Platform

Short Info

Level: Critical
Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 16 days 7 hours
Scan only one: URL

The XWiki Platform is a comprehensive wiki platform, utilized extensively by enterprises and organizations for collaborative creation and sharing of content. By providing runtime services for applications built on top of it, XWiki supports a wide range of functionalities, integrating various extensions and plugins. This platform is predominantly used to create knowledge bases, manage documentation, and facilitate team collaboration in a structured environment. Entities leveraging XWiki benefit from its robust access control and customization capabilities to tailor its usage to specific organizational needs. XWiki is embraced in environments demanding collaborative content management, version control, and audit trails for content changes. It fosters enhanced productivity and communication across distributed teams by centralizing and simplifying content management.

The vulnerability in XWiki Platform is a Local File Inclusion (LFI) flaw: an attacker can make the web application read and return files from the server's local filesystem. It affects XWiki Platform versions from 6.1-milestone-2 through 16.10.6. Exploiting it can grant unauthorized read access to sensitive configuration files, which may expose critical information. The vulnerability's severity level is classified as high, indicating its potential risk. Because the files can be read remotely, the flaw can lead to data leakage or serve as a stepping stone for further compromise of the system. Its root cause is improper handling of user-supplied input, which lets an attacker traverse directories and include files that should not be reachable.

In detail, the webjars API does not adequately restrict the resource paths it serves, so configuration files become reachable by remote attackers. The vulnerable endpoint is the webjars resource handler within XWiki. Because the path component of the request is not validated properly, a request can traverse out of the webjars location and read files stored under the WEB-INF directory, such as xwiki.cfg. The technique relies on particular URL encodings and file path manipulations to reach directories that should be inaccessible; as a result, an attacker can include and read sensitive configuration files, potentially leading to a data breach. In short, a crafted URL bypasses the normal access restrictions.
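As an added defender-side example (not part of this page or the scanner), the following Python script reviews web-server access logs for the pattern described above: requests to the webjars handler whose percent-decoded path contains traversal segments or references WEB-INF. The log lines are constructed samples, the `/xwiki/webjars/` URL layout is assumed, and the traversal entries only mirror the page's description rather than a verified exploit for CVE-2025-55747.

```python
import re
from posixpath import normpath
from urllib.parse import unquote

# Constructed sample access-log lines (not real traffic). The traversal entries only mirror
# the page's description (encoded traversal under /webjars/ toward WEB-INF), not a verified payload.
SAMPLE_LOG = """\
10.0.0.5 - - [01/Jan/2025:10:00:00 +0000] "GET /xwiki/webjars/wiki%3Axwiki/jquery/3.7.1/jquery.min.js HTTP/1.1" 200 89476
10.0.0.9 - - [01/Jan/2025:10:00:01 +0000] "GET /xwiki/webjars/wiki%3Axwiki/..%2F..%2F..%2FWEB-INF%2Fxwiki.cfg HTTP/1.1" 200 4123
10.0.0.9 - - [01/Jan/2025:10:00:02 +0000] "GET /xwiki/webjars/wiki%3Axwiki/%252e%252e%2FWEB-INF%2Fxwiki.properties HTTP/1.1" 404 0
10.0.0.7 - - [01/Jan/2025:10:00:03 +0000] "GET /xwiki/bin/view/Main/ HTTP/1.1" 200 1200
"""

# Common log format: client, identity, user, [timestamp], "METHOD target PROTO", status
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})')

def fully_decode(s, rounds=3):
    """Undo repeated percent-encoding; double-encoding (%252e) is a classic filter bypass."""
    for _ in range(rounds):
        s, prev = unquote(s), s
        if s == prev:
            break
    return s

def webjars_traversal_reason(target):
    """Return why a webjars request looks like path traversal, or None if it looks benign."""
    path = fully_decode(target.split("?", 1)[0])
    idx = path.find("/webjars/")
    if idx == -1:
        return None  # not the webjars resource handler at all
    if ".." in path.split("/"):
        return "dot-dot segment after decoding"
    if "web-inf" in path.lower():
        return "references WEB-INF"
    if not normpath(path).startswith(path[: idx + len("/webjars/")]):
        return "normalized path escapes the webjars prefix"
    return None

def scan_log(text):
    """Parse log lines and return the requests that match the traversal pattern."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        reason = webjars_traversal_reason(m["target"])
        if reason:
            hits.append({"ip": m["ip"], "target": m["target"], "status": int(m["status"]), "reason": reason})
    return hits
```

A 404 hit is still worth an alert: it shows someone probing the handler even when that particular path did not resolve.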

If exploited, the LFI vulnerability in the XWiki Platform poses significant risks to the affected systems. An attacker who reads critical configuration files can obtain sensitive information such as database credentials, administrative configurations, and security settings. That can in turn lead to unauthorized data modification, an enlarged attack surface, or full system compromise. Moreover, the exposed configuration files may reveal further weaknesses that an attacker can leverage to escalate privileges or launch additional attacks. The impact therefore extends beyond the immediate data exposure to the integrity and confidentiality of the organization's data, and organizations running affected versions may face severe reputational and financial damage if these risks materialize.
