CVE-2025-27604

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2025-27604
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-27604.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-27604
Aliases
Published
2025-03-07T16:11:32Z
Modified
2025-10-14T14:34:44Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
XWiki Confluence Migrator Pro's homepage is public
Details

XWiki Confluence Migrator Pro helps admins to import confluence packages into their XWiki instance. The homepage of the application is public which enables a guest to download the package which might contain sensitive information. This vulnerability is fixed in 1.11.7.

References

Affected packages

Git /

Affected ranges

Database specific 

{
    "unresolved_versions": [
        {
            "type": "",
            "events": [
                {
                    "introduced": "0"
                },
                {
                    "fixed": "1.11.7"
                }
            ]
        }
    ]
}