{"vulnerability": "CVE-2025-49580", "sightings": [{"uuid": "84aa1981-b4a3-4d1d-81a5-31cf6340a0ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49580", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/18312", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-49580\n\ud83d\udd25 CVSS Score: 8.5 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: XWiki is a generic wiki platform. From 8.2 and 7.4.5 until 17.1.0-rc-1, 16.10.4, and 16.4.7, pages can gain script or programming rights when they contain a link and the target of the link is renamed or moved. This might lead to execution of scripts contained in xobjects that should have never been executed. This vulnerability is fixed in 17.1.0-rc-1, 16.10.4, and 16.4.7.\n\ud83d\udccf Published: 2025-06-13T15:45:58.451Z\n\ud83d\udccf Modified: 2025-06-13T15:56:24.272Z\n\ud83d\udd17 References:\n1. https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-jm43-hrq7-r7w6\n2. https://github.com/xwiki/xwiki-platform/commit/ab209acd780da69a4c5ff77ff011efd698273cec\n3. https://jira.xwiki.org/browse/XWIKI-22836", "creation_timestamp": "2025-06-13T16:37:17.000000Z"}, {"uuid": "843fe354-2316-4a46-8364-1dcb78602ca6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49580", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lrixwkfupw2p", "content": "", "creation_timestamp": "2025-06-13T17:35:32.079378Z"}, {"uuid": "665170fa-9742-4f9f-a70d-21ed95efe054", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49580", "type": "published-proof-of-concept", "source": "Telegram/LbSE4ui0deWaIbAIy_SI6HyoY8sH4t9aZhKhv-gkpgMW3iE", "content": "", "creation_timestamp": "2025-06-13T17:05:18.000000Z"}]}