{"id":"CVE-2025-32971","summary":"XWiki Solr script service doesn't take dropped programming right into account","details":"XWiki is a generic wiki platform. In versions starting from 4.5.1 to before 15.10.13, from 16.0.0-rc-1 to before 16.4.4, and from 16.5.0-rc-1 to before 16.8.0-rc-1, the Solr script service doesn't take dropped programming rights into account. The Solr script service that is accessible in XWiki's scripting API normally requires programming rights to be called. Due to using the wrong API for checking rights, it doesn't take the fact into account that programming rights might have been dropped by calling `$xcontext.dropPermissions()`. If some code relies on this for the safety of executing Velocity code with the wrong author context, this could allow a user with script rights to either cause a high load by indexing documents or to temporarily remove documents from the search index. This issue has been patched in versions 15.10.13, 16.4.4, and 16.8.0-rc-1.","aliases":["GHSA-987p-r3jc-8c8v"],"modified":"2026-05-31T02:47:07.933315Z","published":"2025-04-30T14:54:55.124Z","database_specific":{"cwe_ids":["CWE-863"],"cna_assigner":"GitHub_M","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/32xxx/CVE-2025-32971.json"},"references":[{"type":"WEB","url":"https://jira.xwiki.org/browse/XWIKI-22474"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/32xxx/CVE-2025-32971.json"},{"type":"ADVISORY","url":"https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-987p-r3jc-8c8v"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-32971"},{"type":"FIX","url":"https://github.com/xwiki/xwiki-platform/commit/6570f40f976aec82baf388b5239d1412cab238c9"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/xwiki/xwiki-commons","events":[{"introduced":"a4adb8e9ac8d6761d697adb7e29a2eb812e204f4"},{"fixed":"563b140bdb68a542df2661dade6c6fd55c9424b5"},{"introduced":"918ea43fe0d277c28efa21a871175b329c75157c"},{"fixed":"781dce4032a1cec978463de2b9bc4ea087c922bc"},{"introduced":"526fcc68b3f75862a2af7395b5a6dfdd3d2166a5"},{"fixed":"b7e6ace16af1a52758fb881837d1d05f6f51a418"}],"database_specific":{"source":"CPE_RANGE","extracted_events":[{"introduced":"4.5.1"},{"fixed":"15.10.13"},{"introduced":"16.0.0"},{"fixed":"16.4.4"},{"introduced":"16.5.0"},{"fixed":"16.8.0"}],"cpe":"cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*"}}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-32971.json"}},{"ranges":[{"type":"GIT","repo":"https://github.com/xwiki/xwiki-platform","events":[{"introduced":"49b108c647cc1c5b478eb95d6d3b000f28fc5bff"},{"fixed":"97e8f148873bd95834ed6f93e564bbf77070ea2b"},{"introduced":"3c6f5cf138d8095f63631e554ba448e4b780e162"},{"fixed":"c20d0fd69f97fd2d2eaa6c78d785f2097ed5a5d0"},{"introduced":"177e524c2e218fe5de776619271b7cd12c929488"},{"fixed":"49af0ac677c5f80e29ec8044c81ac51d3161152a"},{"fixed":"6570f40f976aec82baf388b5239d1412cab238c9"}],"database_specific":{"source":["CPE_RANGE","REFERENCES"],"extracted_events":[{"introduced":"4.5.1"},{"fixed":"15.10.13"},{"introduced":"16.0.0"},{"fixed":"16.4.4"},{"introduced":"16.5.0"},{"fixed":"16.8.0"}],"cpe":"cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*"}}],"database_specific":{"vanir_signatures":[{"digest":{"line_hashes":["274003705674952165485013444814961936643","191310593760407299282929972078747691966","283792305261805835973270657161521075083","36748194502398627378493192014563423147","302719975544873556728634298959135204971","161003778651903818011771890554862253327","47106129422851546981918105533830579777","264664875313913459168128124221452812726","267590923224473496580985926882512369587","66874303208629275033273478456015058689","10041105961471688486482989888707609387"],"threshold":0.9},"target":{"file":"xwiki-platform-core/xwiki-platform-search/xwiki-platform-search-solr/xwiki-platform-search-solr-api/src/main/java/org/xwiki/search/solr/script/SolrIndexScriptService.java"},"id":"CVE-2025-32971-11c78177","signature_type":"Line","source":"https://github.com/xwiki/xwiki-platform/commit/6570f40f976aec82baf388b5239d1412cab238c9","deprecated":false,"signature_version":"v1"},{"digest":{"line_hashes":["162085118157427804356631568315313289021","338477182582758375003584366777166501589","58469049557373835310893697060019008228","228349822650395907755431329387274939686","297505099352716656059819604422129354392","48237436150210407235927690429223781639","9790542162375607058991553198701990037","16684136752837563172869568427108822223","295240562065721570923416518409446495266","107460268638836911988504307249168177712","199714849173233921953381478442504599999","186795911061621338247563612791902838609","122198234537229669231005270566884584268","176235983936402006109217773509279396694","194266611869287260708383212230955354376","143577412960785701665830196551709096222","313784079334204670382735755128500646654","137161838077120059359614184017175209452","46004694869508351624158581846025146874","292080682639007517373347539385114605474","106493772900162352873116237632375586623","137161838077120059359614184017175209452","148754540302412044522338445439999743577","40444298353755976683763121201690250097","138468126387227093982350439603579947375","137161838077120059359614184017175209452","205696357692071148224767681802827929339","271700712568640158560938927774513932999","21234163311385418605543172889182949989","137161838077120059359614184017175209452","77314561151270200859869555434464140833","138502997585949452684117848789285800802","175562208194628188946293721731516867928","137161838077120059359614184017175209452","182069886633445803793943751098291902802","330667159469781567351074009433961298478","187637402631685182135412690800365103011","9826586072431499105672136997249937427","186612342587476242466836232904689231291","276759771351379600513591299055899801453","23681371366854669594379175864881584475","265225584828672311887151308609332396219","288790981115516479721692272067296595373","52466240462153659156355838980473070994","328082989065580726118008815516015347909","109321415645395777521850495311623750031","274097427580441355975086905145411384361","327636622721136359455665764532501973503","135055569920924639115800532436145795349","137161838077120059359614184017175209452","249301195253213464692732376436089055935","187342901094099139764635091985572043218","249700963230709561691216888309839843822","70968569168673505085688367711309184687","337803075414464551900415282489768202131"],"threshold":0.9},"target":{"file":"xwiki-platform-core/xwiki-platform-search/xwiki-platform-search-solr/xwiki-platform-search-solr-api/src/test/java/org/xwiki/search/solr/script/SolrIndexScriptServiceTest.java"},"id":"CVE-2025-32971-1e24f43d","signature_type":"Line","source":"https://github.com/xwiki/xwiki-platform/commit/6570f40f976aec82baf388b5239d1412cab238c9","deprecated":false,"signature_version":"v1"},{"digest":{"length":325,"function_hash":"167522038140324295685490309051094233111"},"target":{"file":"xwiki-platform-core/xwiki-platform-search/xwiki-platform-search-solr/xwiki-platform-search-solr-api/src/test/java/org/xwiki/search/solr/script/SolrIndexScriptServiceTest.java","function":"indexSingleReferenceChecksRights"},"id":"CVE-2025-32971-2a09c6ba","signature_type":"Function","source":"https://github.com/xwiki/xwiki-platform/commit/6570f40f976aec82baf388b5239d1412cab238c9","deprecated":false,"signature_version":"v1"},{"digest":{"length":509,"function_hash":"96328889152371842839127264630791736451"},"target":{"file":"xwiki-platform-core/xwiki-platform-search/xwiki-platform-search-solr/xwiki-platform-search-solr-api/src/test/java/org/xwiki/search/solr/script/SolrIndexScriptServiceTest.java","function":"openrationsOnMultipleReferencesOnTheSameWikiChecksRightsOnlyOnceForThatWiki"},"id":"CVE-2025-32971-40816cbb","signature_type":"Function","source":"https://github.com/xwiki/xwiki-platform/commit/6570f40f976aec82baf388b5239d1412cab238c9","deprecated":false,"signature_version":"v1"},{"digest":{"length":399,"function_hash":"155304530465939726981843185230320916520"},"target":{"file":"xwiki-platform-core/xwiki-platform-search/xwiki-platform-search-solr/xwiki-platform-search-solr-api/src/test/java/org/xwiki/search/solr/script/SolrIndexScriptServiceTest.java","function":"operationsChecksRightsWithOtherReferences"},"id":"CVE-2025-32971-4228307a","signature_type":"Function","source":"https://github.com/xwiki/xwiki-platform/commit/6570f40f976aec82baf388b5239d1412cab238c9","deprecated":false,"signature_version":"v1"},{"digest":{"length":347,"function_hash":"211105952348907996491200845569924344343"},"target":{"file":"xwiki-platform-core/xwiki-platform-search/xwiki-platform-search-solr/xwiki-platform-search-solr-api/src/test/java/org/xwiki/search/solr/script/SolrIndexScriptServiceTest.java","function":"deleteMultipleReferencesChecksRights"},"id":"CVE-2025-32971-51698e17","signature_type":"Function","source":"https://github.com/xwiki/xwiki-platform/commit/6570f40f976aec82baf388b5239d1412cab238c9","deprecated":false,"signature_version":"v1"},{"digest":{"length":688,"function_hash":"140750617484929976324006640125905450449"},"target":{"file":"xwiki-platform-core/xwiki-platform-search/xwiki-platform-search-solr/xwiki-platform-search-solr-api/src/test/java/org/xwiki/search/solr/script/SolrIndexScriptServiceTest.java","function":"hasWikiAdminButNoProgrammingCausesRightsCheckFailure"},"id":"CVE-2025-32971-5bd37924","signature_type":"Function","source":"https://github.com/xwiki/xwiki-platform/commit/6570f40f976aec82baf388b5239d1412cab238c9","deprecated":false,"signature_version":"v1"},{"digest":{"length":325,"function_hash":"167522038140324295685490309051094233111"},"target":{"file":"xwiki-platform-core/xwiki-platform-search/xwiki-platform-search-solr/xwiki-platform-search-solr-api/src/test/java/org/xwiki/search/solr/script/SolrIndexScriptServiceTest.java","function":"deleteSingleReferenceChecksRights"},"id":"CVE-2025-32971-72f0742e","signature_type":"Function","source":"https://github.com/xwiki/xwiki-platform/commit/6570f40f976aec82baf388b5239d1412cab238c9","deprecated":false,"signature_version":"v1"},{"digest":{"length":330,"function_hash":"104648545406699119365260465908813311384"},"target":{"file":"xwiki-platform-core/xwiki-platform-search/xwiki-platform-search-solr/xwiki-platform-search-solr-api/src/main/java/org/xwiki/search/solr/script/SolrIndexScriptService.java","function":"checkAccessToWikiIndex"},"id":"CVE-2025-32971-8dcd42ad","signature_type":"Function","source":"https://github.com/xwiki/xwiki-platform/commit/6570f40f976aec82baf388b5239d1412cab238c9","deprecated":false,"signature_version":"v1"},{"digest":{"length":802,"function_hash":"56584360274482318809450033308059354497"},"target":{"file":"xwiki-platform-core/xwiki-platform-search/xwiki-platform-search-solr/xwiki-platform-search-solr-api/src/test/java/org/xwiki/search/solr/script/SolrIndexScriptServiceTest.java","function":"openrationsOnMultipleReferencesOnDifferentWikisChecksRightsOnEachWiki"},"id":"CVE-2025-32971-942fa167","signature_type":"Function","source":"https://github.com/xwiki/xwiki-platform/commit/6570f40f976aec82baf388b5239d1412cab238c9","deprecated":false,"signature_version":"v1"},{"digest":{"length":802,"function_hash":"96192914119820879302919867995250567893"},"target":{"file":"xwiki-platform-core/xwiki-platform-search/xwiki-platform-search-solr/xwiki-platform-search-solr-api/src/test/java/org/xwiki/search/solr/script/SolrIndexScriptServiceTest.java","function":"hasProgrammingButNoWikiAdminCausesRightsCheckFailure"},"id":"CVE-2025-32971-a6384feb","signature_type":"Function","source":"https://github.com/xwiki/xwiki-platform/commit/6570f40f976aec82baf388b5239d1412cab238c9","deprecated":false,"signature_version":"v1"},{"digest":{"length":347,"function_hash":"211105952348907996491200845569924344343"},"target":{"file":"xwiki-platform-core/xwiki-platform-search/xwiki-platform-search-solr/xwiki-platform-search-solr-api/src/test/java/org/xwiki/search/solr/script/SolrIndexScriptServiceTest.java","function":"indexMultipleReferencesChecksRights"},"id":"CVE-2025-32971-b1141572","signature_type":"Function","source":"https://github.com/xwiki/xwiki-platform/commit/6570f40f976aec82baf388b5239d1412cab238c9","deprecated":false,"signature_version":"v1"},{"digest":{"length":950,"function_hash":"188597877142645920508844174627004226655"},"target":{"file":"xwiki-platform-core/xwiki-platform-search/xwiki-platform-search-solr/xwiki-platform-search-solr-api/src/test/java/org/xwiki/search/solr/script/SolrIndexScriptServiceTest.java","function":"setUp"},"id":"CVE-2025-32971-f78e0418","signature_type":"Function","source":"https://github.com/xwiki/xwiki-platform/commit/6570f40f976aec82baf388b5239d1412cab238c9","deprecated":false,"signature_version":"v1"}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-32971.json","vanir_signatures_modified":"2026-05-31T02:47:07Z"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L"}]}