First published: Sun Apr 20 2025
TwsCachedXPathAPI in Convertigo through 8.3.4 does not restrict the use of commons-jxpath APIs.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Convertigo | <=8.3.4 | |
CVE-2025-43955 has been classified as a moderate severity vulnerability.
To remediate CVE-2025-43955, upgrade to a version of Convertigo higher than 8.3.4.
CVE-2025-43955 affects the TwsCachedXPathAPI component in Convertigo versions up to 8.3.4.
The risks of CVE-2025-43955 include potential unauthorized use of commons-jxpath APIs leading to data exposure.
Currently, the recommended workaround for CVE-2025-43955 is to upgrade to a secure version as there are no temporary fixes available.