EUVD-2025-201417

XWiki Remote Macros provides XWiki rendering macros that are useful when migrating content from Confluence. Prior to 1.27.1, the macro executes Velocity from the details pages without checking for permissions, which can lead to remote code execution. This vulnerability is fixed in 1.27.1...

CVE-2025-65036 XWiki Remote Macros vulnerable to remote code execution using the confluence details summary macro

XWiki Remote Macros provides XWiki rendering macros that are useful when migrating content from Confluence. Prior to 1.27.1, the macro executes Velocity from the details pages without checking for permissions, which can lead to remote code execution. This vulnerability is fixed in 1.27.1...

PT-2025-49257

Name of the Vulnerable Software and Affected Versions XWiki Remote Macros versions prior to 1.27.1 Description XWiki Remote Macros includes XWiki rendering macros designed for content migration from Confluence. Versions of the software prior to 1.27.1 execute Velocity code from details pages...

EUVD-2025-27451

Malicious code in bioql PyPI...

CVE-2025-55730

XWiki Remote Macros provides XWiki rendering macros that are useful when migrating content from Confluence. Starting in version 1.0 and prior to version 1.26.5, missing escaping of the title in the confluence paste code macro allows remote code execution for any user who can edit any page. The...

PT-2025-36918

Name of the Vulnerable Software and Affected Versions: XWiki Remote Macros versions 1.0 through 1.26.5 Description: XWiki Remote Macros provides XWiki rendering macros used for content migration from Confluence. A lack of escaping for the classes parameter within the panel macro allows for remote...