2 matches found
CVE-2023-37912
Summary: CVE-2023-37912 affects XWiki Rendering’s footnote macro. Prior to versions 14.10.6 (footnotes macros) and 15.1-rc-1 (footnotes macro), the footnote macro could execute content in a different context, enabling privilege escalation from a user to programming rights and potentially remote c...
CVE-2025-66474
The CVE-2025-66474 entry concerns XWiki Rendering. Affected: XWiki Rendering versions 16.10.9 and earlier, 17.0.0-rc-1 through 17.4.2, and 17.5.0-rc-1 through 17.5.0. Root cause: insufficient protection against {{/html}} injection, enabling attackers who can edit a profile or any document to exec...