8 matches found
CVE-2025-55728
CVE-2025-55728 concerns the XWiki Remote Macros package, specifically the panel macro. The issue arises from missing escaping of the classes parameter in the panel macro, which is used within XWiki syntax and can lead to XWiki syntax injection. Affects versions 1.0 through 1.26.4 (and up to 1.26....
CVE-2025-55727 XWiki Remote Macros vulnerable to remote code execution from width parameter in the column macro
XWiki Remote Macros provides XWiki rendering macros that are useful when migrating content from Confluence. Starting in version 1.0 and prior to version 1.26.5, missing escaping of the width parameter in the column macro allows remote code execution for any user who can edit any page or who can...
xwiki-pro-macros security vulnerability
xwiki-pro-macros is an open source tool from XWiki SAS. It can enhance the functionality of XWiki. A security vulnerability exists in xwiki-pro-macros versions prior to 1.26.5, which stems from a lack of escaping of the title parameter and could lead to remote code execution...
xwiki-pro-macros security vulnerability
xwiki-pro-macros is an open source tool from XWiki SAS. It can enhance the functionality of XWiki. A security vulnerability exists in xwiki-pro-macros versions prior to 1.26.5, which stems from a missing escape for the classes parameter and could lead to remote code execution...
xwiki-pro-macros security vulnerability
xwiki-pro-macros is an open source tool from XWiki SAS. It can enhance the functionality of XWiki. A security vulnerability exists in xwiki-pro-macros versions prior to 1.26.5, which stems from a lack of escaping of the width parameter and could lead to remote code execution...
xwiki-pro-macros security vulnerability
xwiki-pro-macros is an open source tool from XWiki SAS. It can enhance the functionality of XWiki. A security vulnerability exists in xwiki-pro-macros versions prior to 1.26.5, which stems from a missing escape for the ac:type parameter and could lead to remote code execution...
UBUNTU-CVE-2021-33503
An issue was discovered in urllib3 before 1.26.5. When provided with a URL containing many @ characters in the authority component, the authority regular expression exhibits catastrophic backtracking, causing a denial of service if a URL were passed as a parameter or redirected to via an HTTP...
PT-2020-15537 · Jenkins · Jenkins Kubernetes Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Kubernetes Plugin versions 1.27.3 and earlier; Jenkins Kubernetes Plugin versions prior to 1.27.4; Jenkins Kubernetes Plugin versions prior to 1.26.5; Jenkins Kubernetes Plugin versions prior to 1.25.4.1; Jenkins Kubernetes Plugin version...