CVE-2025-32970
MEDIUM EXPLOITED NUCLEIXWiki WYSIWYG API - Open Redirect
Title source: nucleiExploitation Summary
CVE-2025-32970 has been observed exploited in the wild (reported by VulnCheck KEV). A Nuclei detection template is also available.
Description
XWiki is a generic wiki platform. In versions starting from 13.5-rc-1 to before 15.10.13, from 16.0.0-rc-1 to before 16.4.4, and from 16.5.0-rc-1 to before 16.8.0, an open redirect vulnerability in the HTML conversion request filter allows attackers to construct URLs on an XWiki instance that redirects to any URL. This issue has been patched in versions 15.10.13, 16.4.4, and 16.8.0.
Nuclei Templates (1)
XWiki WYSIWYG API - Open Redirect
MEDIUMVERIFIEDby ritikchaddha
Shodan:
html:"data-xwiki-reference"
FOFA:
body="data-xwiki-reference"
References (3)
Core 3
Core References
Vendor Advisory x_refsource_confirm
https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-pjhg-9wr9-rj96
Patch x_refsource_misc
https://github.com/xwiki/xwiki-platform/commit/6dab7909f45deb00efd36a0cd47788e95ad64802
Exploit, Issue Tracking, Vendor Advisory x_refsource_misc
https://jira.xwiki.org/browse/XWIKI-22487
Scores
CVSS v3
6.1
EPSS
0.0052
EPSS Percentile
39.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
partial
Details
VulnCheck KEV
2025-09-04
CWE
CWE-601
Status
published
Products (3)
org.xwiki.platform/xwiki-platform-wysiwyg-api
13.5-rc-1 - 15.10.13Maven
xwiki/xwiki
16.8.0 rc1
xwiki/xwiki
13.5 - 15.10.13
Published
Apr 30, 2025
Tracked Since
Feb 18, 2026