CVE-2025-53836

XWiki Rendering is a generic rendering system that converts textual input in a given syntax wiki syntax, HTML, etc into another syntax XHTML, etc. Starting in version 4.2-milestone-1 and prior to versions 13.10.11, 14.4.7, and 14.10, the default macro content parser doesn't preserve the restricte...

CVE-2025-53836

XWiki Rendering is a generic rendering system that converts textual input in a given syntax wiki syntax, HTML, etc into another syntax XHTML, etc. Starting in version 4.2-milestone-1 and prior to versions 13.10.11, 14.4.7, and 14.10, the default macro content parser doesn't preserve the restricte...

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization via improper handling of the restricted attribute of the transformation context during the processing of nested macros. An attacker can execute arbitrary code with elevated privileges by crafting malicious macro...

XWiki Rendering 安全漏洞

XWiki Rendering is a general-purpose rendering system from the XWiki Foundation that converts text input from a given syntax wiki syntax, HTML, etc. to another syntax XHTML, etc.. A security vulnerability exists in XWiki Rendering versions prior to 4.2-milestone-1, prior to 13.10.11, prior to...

Bruised but Not Broken: The Resurgence of the Emotet Botnet Malware

During the first quarter of 2022, we discovered a significant number of infections using multiple new Emotet variants that employed both old and new techniques to trick their intended victims into accessing malicious links and enabling macro content...

CVE-2007-0208

CVE-2007-0208 is the Microsoft Word Macro Vulnerability described in MS07-014. Word 2000 SP3, Word 2002/XP SP3, Word 2003 SP2, Works 2004–2006, and Word 2004 for Mac are affected by a flaw where Word does not properly validate the document’s properties, failing to display the macro security warni...