CVE-2025-66473

Dec 24, 2025 Updated Dec 24, 2025 CVE Database

CVE-2025-66473 vulnerability security

CVE-2025-66473

XWiki is an open-source wiki software platform. Versions 16.10.10 and below, 17.0.0-rc-1 through 17.4.3 and 17.5.0-rc-1 through 17.6.0 contain a REST API which doesn't enforce any limits for the number of items that can be requested in a single request at the moment. Depending on the number of pages in the wiki and the memory configuration, this can lead to slowness and unavailability of the wiki. As an example, the /rest/wikis/xwiki/spaces resource returns all spaces on the wiki by default, which are basically all pages. This issue is fixed in versions 17.4.4 and 16.10.11.

Scan Your Attack Surface for These Issues

Secably automatically detects the vulnerabilities discussed in this article across your domains, subdomains, and infrastructure.

Start Free — No Credit Card

Related Articles

Technical analysis of CVE-2025-65950 (HIGH, 8.8) affecting WBCE CMS. Learn about affected …

Detailed technical analysis of CVE-2024-58279 (HIGH, 8.8) affecting appRain CMF 4.0.5. Learn …

Technical analysis of CVE-2024-58281 (HIGH, 8.8). Learn about affected systems, exploitation details, …

Detailed technical analysis of CVE-2024-58282 (HIGH, 7.2) affecting Serendipity 2.5.0. Learn about …

Detailed technical analysis of CVE-2024-58283 (HIGH, 8.8), a remote code execution vulnerability …

All CVE Database

Categories

All Categories CVE Database

support_agent

Secably Support

Usually replies within minutes

Hi there!

Send us a message and we'll reply ASAP.