{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-10T18:11:15.821","vulnerabilities":[{"cve":{"id":"CVE-2025-51991","sourceIdentifier":"cve@mitre.org","published":"2025-08-20T15:15:33.327","lastModified":"2025-09-11T13:50:55.417","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"XWiki through version 17.3.0 is vulnerable to Server-Side Template Injection (SSTI) in the Administration interface, specifically within the HTTP Meta Info field of the Global Preferences Presentation section. An authenticated administrator can inject crafted Apache Velocity template code, which is rendered on the server side without proper validation or sandboxing. This enables the execution of arbitrary template logic, which may expose internal server information or, in specific configurations, lead to further exploitation such as remote code execution or sensitive data leakage. The vulnerability resides in improper handling of dynamic template rendering within user-supplied configuration fields."},{"lang":"es","value":"XWiki, hasta la versión 17.3.0, es vulnerable a Server-Side Template Injection (SSTI) en la interfaz de Administración, específicamente en el campo HTTP Meta Info de la sección Presentación de Preferencias Globales. Un administrador autenticado puede inyectar código de plantilla Apache Velocity manipulado, el cual se procesa en el servidor sin la validación ni el entorno de pruebas adecuados. Esto permite la ejecución de lógica de plantilla arbitraria, lo que puede exponer información interna del servidor o, en ciertas configuraciones, provocar una explotación posterior, como la ejecución remota de código o la filtración de datos confidenciales. La vulnerabilidad reside en el manejo inadecuado de la renderización dinámica de plantillas dentro de los campos de configuración proporcionados por el usuario."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"},{"lang":"en","value":"CWE-94"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*","versionEndIncluding":"17.3.0","matchCriteriaId":"299B1520-4DFC-4D21-A589-ECE23F2AAF60"}]}]}],"references":[{"url":"https://github.com/malcxlmj/cve-writeups/blob/main/CVE-2025-51991.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://xwiki.org","source":"cve@mitre.org","tags":["Product"]}]}}]}