
9 matches found

OSV
added 2025/09/29 2:5 a.m., 1 view

MAL-2025-47832 Malicious code in react-content-parser (npm)

The package react-content-parser was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ed262514ac58c1f13a4761aa92199769727342ebbd70431d112061e34da94a00 Any computer that has this package installed or running should be considered fully...

6.9 AI score
Exploits: 0, References: 1
OSSF Malicious Packages
added 2025/09/29 2:5 a.m., 2 views

Malicious code in react-content-parser (npm)

The package react-content-parser was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ed262514ac58c1f13a4761aa92199769727342ebbd70431d112061e34da94a00 Any computer that has this package installed or running should be considered fully...

6.9 AI score
Exploits: 0, References: 1
RedhatCVE
added 2025/07/16 11:44 p.m., 5 views

CVE-2025-53836

XWiki Rendering is a generic rendering system that converts textual input in a given syntax (wiki syntax, HTML, etc) into another syntax (XHTML, etc). Starting in version 4.2-milestone-1 and prior to versions 13.10.11, 14.4.7, and 14.10, the default macro content parser doesn't preserve the restricte...

9.9 CVSS, 7 AI score, 0.05497 EPSS
Exploits: 1, References: 1
Veracode
added 2025/07/16 6:26 a.m., 3 views

Remote Code Execution (RCE)

org.xwiki.rendering:xwiki-rendering-transformation-macro is vulnerable to Remote Code Execution (RCE). The vulnerability is due to the macro content parser failing to preserve the restricted attribute in the transformation context, allowing execution of normally forbidden macros like script macros ...

9.9 CVSS, 6.9 AI score, 0.05497 EPSS
Exploits: 1, References: 6, Affected Software: 1
NVD
added 2025/07/15 12:15 a.m., 7 views

CVE-2025-53836

XWiki Rendering is a generic rendering system that converts textual input in a given syntax (wiki syntax, HTML, etc) into another syntax (XHTML, etc). Starting in version 4.2-milestone-1 and prior to versions 13.10.11, 14.4.7, and 14.10, the default macro content parser doesn't preserve the restricte...

9.9 CVSS, 0.05497 EPSS
Exploits: 1, References: 4
Snyk
added 2025/07/14 10:3 p.m., 2 views

Incorrect Authorization

Overview: Affected versions of this package are vulnerable to Incorrect Authorization via improper handling of the restricted attribute of the transformation context during the processing of nested macros. An attacker can execute arbitrary code with elevated privileges by crafting malicious macro...

9.9 CVSS, 8 AI score, 0.05497 EPSS
Exploits: 1, References: 3
CNNVD
added 2025/07/14 12:0 a.m., 2 views

XWiki Rendering Security Vulnerability

XWiki Rendering is a general-purpose rendering system from the XWiki Foundation that converts text input from a given syntax (wiki syntax, HTML, etc.) to another syntax (XHTML, etc.). A security vulnerability exists in XWiki Rendering versions prior to 4.2-milestone-1, prior to 13.10.11, prior to...

9.9 CVSS, 6.5 AI score, 0.05497 EPSS
Exploits: 1, References: 6
Positive Technologies
added 2024/07/21 12:0 a.m., 3 views

PT-2024-37986 · Flute Cms · Flute Cms

Name of the Vulnerable Software and Affected Versions: Flute CMS version 0.2.2.4-alpha Description: A critical issue affects the replaceContent function of the ContentParser.php file in the Notification Handler component, leading to code injection. The attack can be initiated remotely...

8.8 CVSS, 5.7 AI score, 0.00039 EPSS
Exploits: 0, References: 8
CNNVD
added 2023/10/30 12:0 a.m., 2 views

Google Android Security Vulnerability

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability caused by a lack of permission checking in the content parsing program. An attacker can exploit this vulnerability to obtain sensitive information...

5.5 CVSS, 6 AI score, 0.00019 EPSS
Exploits: 0, References: 3