JIRA Integration Flaw in XWiki Affects User Profile Access
CVE-2025-31487
7.7 HIGH
Key Information:
- Vendor: xwiki-contrib
- Product: jira (XWiki JIRA extension)
- CVE Published: 3 April 2025
Summary
Any logged-in user of an XWiki instance can edit their own user profile page. The XWiki JIRA extension lets such a user place a JIRA macro on that page and point it at a JIRA URL of their choosing. The macro fetches the XML response from that URL and parses it with DOCTYPE declarations and external entity resolution left enabled, so a server under the attacker's control can return a document whose DOCTYPE declares an external entity that reads a file on the XWiki server (an XML external entity, or XXE, attack). The result is disclosure of sensitive files from the XWiki server to a low-privileged user. The issue is fixed in JIRA extension version 8.6.5; upgrade to that version or later.
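To make the mechanism concrete, the following is an added example, not code from the XWiki JIRA extension or from the fix. It shows the shape of a response an attacker-controlled "JIRA server" could return (a constructed sample; the `file:///etc/passwd` path is purely illustrative) next to a JAXP parser configured so that such a response is rejected before any entity is resolved. The class and method names are invented for the example; the feature URIs are the standard Xerces/JAXP ones.

```java
import java.io.StringReader;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import org.w3c.dom.Document;
import org.xml.sax.InputSource;
import org.xml.sax.SAXParseException;

public class JiraResponseParserExample {

    // Constructed sample of what a malicious JIRA URL could serve to the macro.
    // The DOCTYPE declares an external entity; a parser left at JDK defaults
    // resolves it by reading the named file on the host doing the parsing
    // (here, the XWiki server) and splices the contents into the document.
    static final String MALICIOUS_RESPONSE =
        "<?xml version=\"1.0\"?>\n"
      + "<!DOCTYPE rss [\n"
      + "  <!ENTITY leak SYSTEM \"file:///etc/passwd\">\n"   // illustrative path only
      + "]>\n"
      + "<rss><channel><item>\n"
      + "  <key>DEMO-1</key><summary>&leak;</summary>\n"
      + "</item></channel></rss>\n";

    // Constructed benign response of the same general shape.
    static final String BENIGN_RESPONSE =
        "<rss><channel><item><key>DEMO-1</key><summary>ok</summary></item></channel></rss>";

    // The vulnerable configuration: a factory with no hardening at all.
    // Shown for contrast; do not parse untrusted input with it.
    static DocumentBuilder unsafeBuilder() throws ParserConfigurationException {
        return DocumentBuilderFactory.newInstance().newDocumentBuilder();
    }

    // The hardened configuration: refuse any DOCTYPE outright, and also turn off
    // entity and DTD resolution in case a parser implementation ignores the
    // first feature. This is the posture an XML parser fed by a user-chosen
    // URL needs.
    static DocumentBuilder hardenedBuilder() throws ParserConfigurationException {
        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        dbf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        dbf.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        dbf.setFeature("http://xml.org/sax/features/external-general-entities", false);
        dbf.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
        dbf.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false);
        dbf.setXIncludeAware(false);
        dbf.setExpandEntityReferences(false);
        return dbf.newDocumentBuilder();
    }

    // Parses a response with the hardened builder. Returns true when the
    // document was accepted and false when the parser rejected it.
    static boolean parseJiraXml(String xml) throws Exception {
        try {
            Document doc = hardenedBuilder().parse(new InputSource(new StringReader(xml)));
            System.out.println("accepted: root element <" + doc.getDocumentElement().getTagName() + ">");
            return true;
        } catch (SAXParseException e) {
            // With disallow-doctype-decl set, the DOCTYPE itself is the error,
            // so the SYSTEM entity is never opened.
            System.out.println("rejected: " + e.getMessage());
            return false;
        }
    }

    public static void main(String[] args) throws Exception {
        parseJiraXml(MALICIOUS_RESPONSE);
        parseJiraXml(BENIGN_RESPONSE);
    }
}
```

Compile and run with `javac JiraResponseParserExample.java && java JiraResponseParserExample`; the first call is rejected at the DOCTYPE, the second is accepted. The same hardening applies to whatever parser the extension actually uses (DOM, SAX, StAX or a wrapper around them); when auditing an installation, checking the JIRA extension version in the Extension Manager against 8.6.5 is the quicker test.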
Affected Version(s)
jira >= 4.2, < 8.6.5 (fixed in 8.6.5)
CVSS V3.1
- Score: 7.7
- Severity: HIGH
- Confidentiality: High
- Integrity: None
- Availability: None
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Scope: Changed
- Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Timeline
- Vulnerability published: 3 April 2025