4 matches found
CVE-2025-46558
XWiki Contrib's Syntax Markdown allows importing Markdown content into wiki pages and creating wiki content in Markdown. In versions starting from 8.2 to before 8.9, the Markdown syntax is vulnerable to cross-site scripting XSS through HTML. In particular, using Markdown syntax, it's possible for...
CVE-2025-46558 org.xwiki.contrib.markdown:syntax-markdown-commonmark12 vulnerable to XSS via Markdown content
XWiki Contrib's Syntax Markdown allows importing Markdown content into wiki pages and creating wiki content in Markdown. In versions starting from 8.2 to before 8.9, the Markdown syntax is vulnerable to cross-site scripting XSS through HTML. In particular, using Markdown syntax, it's possible for...
CVE-2025-46558 org.xwiki.contrib.markdown:syntax-markdown-commonmark12 vulnerable to XSS via Markdown content
XWiki Contrib's Syntax Markdown allows importing Markdown content into wiki pages and creating wiki content in Markdown. In versions starting from 8.2 to before 8.9, the Markdown syntax is vulnerable to cross-site scripting XSS through HTML. In particular, using Markdown syntax, it's possible for...
CVE-2025-46558
The CVE-2025-46558 issue affects XWiki Contrib's Syntax Markdown (org.xwiki.contrib.markdown:syntax-markdown-commonmark12). A cross-site scripting (XSS) vulnerability exists in Markdown syntax versions 8.2 through before 8.9 via HTML, allowing any user to embed JavaScript that executes in other u...