CVE-2025-65090 in macro-fullcalendarالمعلومات

الملخص

بحسب MITRE • 10/01/2026

XWiki Full Calendar Macro displays objects from the wiki on the calendar. Prior to version 2.4.6, users with the rights to view the Calendar.JSONService page (including guest users) can exploit the data leak vulnerability by accessing database info, with the exception of passwords. This issue has been patched in version 2.4.6.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

مسؤول

GitHub M

حجز

17/11/2025

إفشاء

10/01/2026

الاعتدال

تمت الموافقة

إدخال

VDB-340408

CPE

جاهز

CWE

CWE-200 (مؤكد)

CVSS

5.3 (CNA)

EPSS

0.00048

KEV

لا

النشاطات

منخفض جدًا

القطاع

Transportation, Telecommunication, ...

المصادر

MITRE	https://www.cve.org/CVERecord?id=CVE-2025-65090
NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-65090
CVE Details	https://www.cvedetails.com/cve/CVE-2025-65090/

التالي ▸نظرة عامة ◂ السابق

Do you need the next level of professionalism?

Upgrade your account now!