{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-22T18:44:56.448","vulnerabilities":[{"cve":{"id":"CVE-2025-27604","sourceIdentifier":"security-advisories@github.com","published":"2025-03-07T17:15:22.290","lastModified":"2025-03-13T14:40:27.713","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"XWiki Confluence Migrator Pro helps admins to import confluence packages into their XWiki instance. The homepage of the application is public which enables a guest to download the package which might contain sensitive information. This vulnerability is fixed in 1.11.7."},{"lang":"es","value":"XWiki Confluence Migrator Pro ayuda a los administradores a importar paquetes de Confluence a su instancia de XWiki. La página de inicio de la aplicación es pública, lo que permite que un invitado descargue el paquete que podría contener información confidencial. Esta vulnerabilidad se solucionó en la versión 1.11.7."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]},{"source":"nvd@nist.gov","type":"Secondary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:xwiki:confluence_migrator:*:*:*:*:pro:xwiki:*:*","versionEndExcluding":"1.11.7","matchCriteriaId":"C80FC532-BB0A-4403-8EC6-59E4FB2BF4D5"}]}]}],"references":[{"url":"https://github.com/xwikisas/application-confluence-migrator-pro/commit/6ced42b1f341fd0ce6734fc58c7d694da5f365fb","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/xwikisas/application-confluence-migrator-pro/security/advisories/GHSA-3w9f-2pph-j5vc","source":"security-advisories@github.com","tags":["Vendor Advisory"]}]}}]}