{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-03T01:25:26.527","vulnerabilities":[{"cve":{"id":"CVE-2025-32461","sourceIdentifier":"cve@mitre.org","published":"2025-04-09T02:15:16.253","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"wikiplugin_includetpl in lib/wiki-plugins/wikiplugin_includetpl.php in Tiki before 28.3 mishandles input to an eval. The fixed versions are 21.12, 24.8, 27.2, and 28.3."},{"lang":"es","value":"En Tiki, el wikiplugin_includetpl en lib/wiki-plugins/wikiplugin_includetpl.php antes de la versiĆ³n 28.3 gestiona incorrectamente la entrada a una evaluaciĆ³n. Las versiones corregidas son 21.12, 24.8, 27.2 y 28.3."}],"metrics":{"cvssMetricV31":[{"source":"cve@mitre.org","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":9.9,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.1,"impactScore":6.0}]},"weaknesses":[{"source":"cve@mitre.org","type":"Secondary","description":[{"lang":"en","value":"CWE-1336"}]}],"references":[{"url":"https://gitlab.com/tikiwiki/tiki/-/commit/406bea4f6c379a23903ecfd55e538d90fd669ab0","source":"cve@mitre.org"},{"url":"https://gitlab.com/tikiwiki/tiki/-/commit/801ed912390c2aa6caf12b7b953e200f5d4bc0b1","source":"cve@mitre.org"},{"url":"https://gitlab.com/tikiwiki/tiki/-/commit/9ffb4ab21bd86837370666ecd6afd868f3d7877a","source":"cve@mitre.org"},{"url":"https://gitlab.com/tikiwiki/tiki/-/commit/be8dc1aa220fbceb07a7a5dc36416243afccd358","source":"cve@mitre.org"},{"url":"https://gitlab.com/tikiwiki/tiki/-/commit/f3f36c1ac702479209acfcaec5789d2fd1f996bc","source":"cve@mitre.org"},{"url":"https://tiki.org/article517","source":"cve@mitre.org"},{"url":"https://tiki.org/article518","source":"cve@mitre.org"},{"url":"http://seclists.org/fulldisclosure/2025/Jul/11","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}