9 matches found
CVE-2025-65089
XWiki Remote Macros provides XWiki rendering macros that are useful when migrating content from Confluence. Prior to version 1.27.0, a user with no view rights on a page may see the content of an office attachment displayed with the view file macro. This issue has been patched in version 1.27.0...
EUVD-2025-198050
XWiki Remote Macros provides XWiki rendering macros that are useful when migrating content from Confluence. Prior to version 1.27.0, a user with no view rights on a page may see the content of an office attachment displayed with the view file macro. This issue has been patched in version 1.27.0...
CVE-2025-65089 XWiki view file macro: User can view content of office file without view rights on the attachment
XWiki Remote Macros provides XWiki rendering macros that are useful when migrating content from Confluence. Prior to version 1.27.0, a user with no view rights on a page may see the content of an office attachment displayed with the view file macro. This issue has been patched in version 1.27.0...
CVE-2025-65089 XWiki view file macro: User can view content of office file without view rights on the attachment
XWiki Remote Macros provides XWiki rendering macros that are useful when migrating content from Confluence. Prior to version 1.27.0, a user with no view rights on a page may see the content of an office attachment displayed with the view file macro. This issue has been patched in version 1.27.0...
CVE-2025-65089 XWiki view file macro: User can view content of office file without view rights on the attachment
XWiki Remote Macros provides XWiki rendering macros that are useful when migrating content from Confluence. Prior to version 1.27.0, a user with no view rights on a page may see the content of an office attachment displayed with the view file macro. This issue has been patched in version 1.27.0...
Pro Macros 安全漏洞
Pro Macros is an XWiki enhancement plugin open-sourced by XWiki SAS. A security vulnerability exists in versions of Pro Macros prior to 1.27.0, which originates from the possibility that a user without view privileges may view the contents of office attachments via the view file macro...
XWiki view file macro: User can view content of office file without view rights on the attachment
Summary A user with no view rights on a page may see the content of an office attachment displayed with the view file macro. Details If on a public page is displayed an office attachment from a restricted page, a user with no view rights on the restricted page can view the attachment content, no...
GHSA-8C52-X9W7-VC95 XWiki view file macro: User can view content of office file without view rights on the attachment
Summary A user with no view rights on a page may see the content of an office attachment displayed with the view file macro. Details If on a public page is displayed an office attachment from a restricted page, a user with no view rights on the restricted page can view the attachment content, no...
PT-2025-47417
Name of the Vulnerable Software and Affected Versions XWiki versions prior to 1.27.0 Description A user lacking view permissions on a page may be able to access the content of an office attachment displayed using the view file macro. This occurs when an office attachment from a restricted page is...