XWiki Platform Security Update Advisory (CVE-2025-32429)

Jul 30 2025

Overview

We have released a security update to address a vulnerability in XWiki Platform. Users of affected products are advised to update to the latest version.

Affected Products

CVE-2025-32429

XWiki Platform Version: 9.4-rc-1 or later but before 16.10.6
XWiki Platform Version: 17.0.0-rc-1 or later but not earlier than 17.3.0-rc-1

Resolved Vulnerabilities

SQL Injection Vulnerability in XWiki Platform (CVE-2025-32429)

Vulnerability Patches

Vulnerability Patches have been made available in the latest update. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

CVE-2025-32429

XWiki Platform Version: 16.10.6
XWiki Platform Version: 17.3.0-rc-1

References

[1] SQL injection through getdeleteddocuments.vm template sort parameter
https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-vr59-gm53-v7cq

XWiki Platform Security Update Advisory (CVE-2025-32429)

IBM Product Security Update Advisory

Google Chrome Browser (138.0.7204.183/.184) Security Update Advisory

Tags:

IBM Product Security Update Advisory

Google Chrome Browser (138.0.7204.183/.184) Security Update Advisory