Primary

Context

XWiki Confluence Migrator Pro Sensitive Information Exposure Vulnerability

Vulnerability

Patched

A vulnerability in XWiki Confluence Migrator Pro versions through 1.11.6 allows guests to download packages containing sensitive information. This issue arises because the application's homepage is publicly accessible.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive information included in downloadable Confluence packages.

Remediation

Users can upgrade to version 1.11.7 to address this vulnerability. Additionally, access to the application homepage can be restricted to specific users or groups.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

8.1

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

8.1

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

XWiki Confluence Migrator Pro Sensitive Information Exposure Vulnerability

Vulnerability

Impact

Remediation

Affected Products

XWiki Confluence Migrator Pro

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating