9 matches found
XWiki Contrib Mocca Calendar Application 跨站脚本漏洞
XWiki Contrib Mocca Calendar Application is an open source XWiki plugin for XWiki Contrib. A cross-site scripting vulnerability exists in XWiki Contrib Mocca Calendar Application versions prior to 2.15, which stems from cross-site scripting in the calendar import header...
XWiki Contrib Mocca Calendar Application 跨站脚本漏洞
XWiki Contrib Mocca Calendar Application is an open source XWiki plugin for XWiki Contrib. A cross-site scripting vulnerability exists in XWiki Contrib Mocca Calendar Application versions prior to 2.15, which stems from cross-site scripting in the title of the View Events page...
CVE-2025-46558
XWiki Contrib's Syntax Markdown allows importing Markdown content into wiki pages and creating wiki content in Markdown. In versions starting from 8.2 to before 8.9, the Markdown syntax is vulnerable to cross-site scripting XSS through HTML. In particular, using Markdown syntax, it's possible for...
CVE-2025-46558
XWiki Contrib's Syntax Markdown allows importing Markdown content into wiki pages and creating wiki content in Markdown. In versions starting from 8.2 to before 8.9, the Markdown syntax is vulnerable to cross-site scripting XSS through HTML. In particular, using Markdown syntax, it's possible for...
CVE-2025-46558 org.xwiki.contrib.markdown:syntax-markdown-commonmark12 vulnerable to XSS via Markdown content
XWiki Contrib's Syntax Markdown allows importing Markdown content into wiki pages and creating wiki content in Markdown. In versions starting from 8.2 to before 8.9, the Markdown syntax is vulnerable to cross-site scripting XSS through HTML. In particular, using Markdown syntax, it's possible for...
CVE-2025-46558 org.xwiki.contrib.markdown:syntax-markdown-commonmark12 vulnerable to XSS via Markdown content
XWiki Contrib's Syntax Markdown allows importing Markdown content into wiki pages and creating wiki content in Markdown. In versions starting from 8.2 to before 8.9, the Markdown syntax is vulnerable to cross-site scripting XSS through HTML. In particular, using Markdown syntax, it's possible for...
PT-2025-18319 · Xwiki · Xwiki Contrib'S Syntax Markdown
Name of the Vulnerable Software and Affected Versions: XWiki Contrib's Syntax Markdown versions 8.2 through 8.8 Description: The issue allows any user to embed Javascript code using Markdown syntax, which can be executed on the browser of other users visiting the document or comment containing it...
XWiki Contrib Change Request Security Vulnerability
Change Request is an open source library for XWiki Contrib. XWiki Contrib Change Request has a security vulnerability that stems from allowing changes to be requested on the wiki without having to publish the changes directly...
Change Request Cross-Site Scripting Vulnerability
Change Request is an open source library from XWiki Contrib. Change Request suffers from a cross-site scripting vulnerability that originates from a user without any specific privileges being able to perform script injection and remote code execution by simply inserting the appropriate headers wh...