4 matches found
CVE-2025-53836
XWiki Rendering is a generic rendering system that converts textual input in a given syntax wiki syntax, HTML, etc into another syntax XHTML, etc. Starting in version 4.2-milestone-1 and prior to versions 13.10.11, 14.4.7, and 14.10, the default macro content parser doesn't preserve the restricte...
CVE-2025-53836
XWiki Rendering is a generic rendering system that converts textual input in a given syntax wiki syntax, HTML, etc into another syntax XHTML, etc. Starting in version 4.2-milestone-1 and prior to versions 13.10.11, 14.4.7, and 14.10, the default macro content parser doesn't preserve the restricte...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization via improper handling of the restricted attribute of the transformation context during the processing of nested macros. An attacker can execute arbitrary code with elevated privileges by crafting malicious macro...
XWiki Rendering 安全漏洞
XWiki Rendering is a general-purpose rendering system from the XWiki Foundation that converts text input from a given syntax wiki syntax, HTML, etc. to another syntax XHTML, etc.. A security vulnerability exists in XWiki Rendering versions prior to 4.2-milestone-1, prior to 13.10.11, prior to...