Critical severity10.0OSV Advisory· Published Sep 9, 2025· Updated Apr 15, 2026

CVE-2025-55729

Description

XWiki Remote Macros provides XWiki rendering macros that are useful when migrating content from Confluence. Starting in version 1.0 and prior to version 1.26.5, missing escaping of the ac:type in the ConfluenceLayoutSection macro allows remote code execution for any user who can edit any page The classes parameter is used without escaping in XWiki syntax, thus allowing XWiki syntax injection which enables remote code execution. Version 1.26.5 has a fix for the issue.

Affected products

Xwiki/Xwiki Pro MacrosOSV
Range: xwiki-pro-macros-1.0, xwiki-pro-macros-1.1, xwiki-pro-macros-1.1.1, …

Patches

61d5644ce198

[maven-release-plugin] prepare release xwiki-pro-macros-parent-1.26.5

https://github.com/xwikisas/xwiki-pro-macrosfarcasutMar 12, 2025via osv

commit

13 files changed · +16 −16

pom.xml+2 −2 modified

@@ -29,7 +29,7 @@
   </parent>
   <groupId>com.xwiki.pro</groupId>
   <artifactId>xwiki-pro-macros-parent</artifactId>
-  <version>1.26.5-SNAPSHOT</version>
+  <version>1.26.5</version>
   <packaging>pom</packaging>
   <name>Pro Macros - Parent POM</name>
   <description>Supercharge XWiki’s functionality with Pro macros. Compatible with Atlassian Confluence macros imported during migrations. Can be purchased individually or part of the XWiki Pro package. Try them free.</description>
@@ -54,7 +54,7 @@
     <connection>scm:git:git://github.com/xwikisas/xwiki-pro-macros.git</connection>
     <developerConnection>scm:git:git@github.com:xwikisas/xwiki-pro-macros.git</developerConnection>
     <url>https://github.com/xwikisas/xwiki-pro-macros/tree/master</url>
-    <tag>HEAD</tag>
+    <tag>xwiki-pro-macros-parent-1.26.5</tag>
   </scm>
   <!-- Even though this repository is already declared in the parent POM, we still explicitly redeclare it for
    convenience. This makes it simpler to build this project without having to declare this repository in one's own

xwiki-pro-macros-api/pom.xml+1 −1 modified

@@ -25,7 +25,7 @@
   <parent>
     <groupId>com.xwiki.pro</groupId>
     <artifactId>xwiki-pro-macros-parent</artifactId>
-    <version>1.26.5-SNAPSHOT</version>
+    <version>1.26.5</version>
   </parent>
   <artifactId>xwiki-pro-macros-api</artifactId>
   <packaging>jar</packaging>

xwiki-pro-macros-confluence-bridges/pom.xml+2 −2 modified

@@ -25,10 +25,10 @@
   <parent>
     <groupId>com.xwiki.pro</groupId>
     <artifactId>xwiki-pro-macros-parent</artifactId>
-    <version>1.26.5-SNAPSHOT</version>
+    <version>1.26.5</version>
   </parent>
   <artifactId>xwiki-pro-macros-confluence-bridges-parent</artifactId>
-  <version>1.26.5-SNAPSHOT</version>
+  <version>1.26.5</version>
   <packaging>pom</packaging>
   <name>Pro Macros - Confluence bridges - Parent POM</name>
   <description>Bridges for various Confluence macros. Can be purchased individually or part of the XWiki Pro package. Try them free.</description>

xwiki-pro-macros-confluence-bridges/xwiki-pro-macros-confluence-bridges-api/pom.xml+1 −1 modified

@@ -25,7 +25,7 @@
   <parent>
     <groupId>com.xwiki.pro</groupId>
     <artifactId>xwiki-pro-macros-confluence-bridges-parent</artifactId>
-    <version>1.26.5-SNAPSHOT</version>
+    <version>1.26.5</version>
   </parent>
   <artifactId>xwiki-pro-macros-confluence-bridges-api</artifactId>
   <packaging>jar</packaging>

xwiki-pro-macros-confluence-bridges/xwiki-pro-macros-confluence-bridges-legacy/pom.xml+2 −2 modified

@@ -25,10 +25,10 @@
   <parent>
     <groupId>com.xwiki.pro</groupId>
     <artifactId>xwiki-pro-macros-confluence-bridges-parent</artifactId>
-    <version>1.26.5-SNAPSHOT</version>
+    <version>1.26.5</version>
   </parent>
   <artifactId>xwiki-pro-macros-confluence-bridges-legacy-parent</artifactId>
-  <version>1.26.5-SNAPSHOT</version>
+  <version>1.26.5</version>
   <packaging>pom</packaging>
   <name>Pro Macros - Legacy Confluence bridges - Parent POM</name>
   <description>Legacy bridges for various Confluence macros. Can be purchased individually or part of the XWiki Pro package. Try them free.</description>

xwiki-pro-macros-confluence-bridges/xwiki-pro-macros-confluence-bridges-legacy/xwiki-pro-macros-confluence-bridges-legacy-api/pom.xml

+1 −1 modified

@@ -25,7 +25,7 @@
   <parent>
     <groupId>com.xwiki.pro</groupId>
     <artifactId>xwiki-pro-macros-confluence-bridges-legacy-parent</artifactId>
-    <version>1.26.5-SNAPSHOT</version>
+    <version>1.26.5</version>
   </parent>
   <packaging>jar</packaging>
   <artifactId>xwiki-pro-macros-confluence-bridges-legacy-api</artifactId>

xwiki-pro-macros-confluence-bridges/xwiki-pro-macros-confluence-bridges-legacy/xwiki-pro-macros-confluence-bridges-legacy-ui/pom.xml

+1 −1 modified

@@ -25,7 +25,7 @@
   <parent>
     <groupId>com.xwiki.pro</groupId>
     <artifactId>xwiki-pro-macros-confluence-bridges-legacy-parent</artifactId>
-    <version>1.26.5-SNAPSHOT</version>
+    <version>1.26.5</version>
   </parent>
   <!-- the artifact id doesn't match the folder. This is for backward compatibility,
        to ensure that user who installed the pro macros automatically get updates

xwiki-pro-macros-confluence-bridges/xwiki-pro-macros-confluence-bridges-ui/pom.xml+1 −1 modified

@@ -25,7 +25,7 @@
   <parent>
     <groupId>com.xwiki.pro</groupId>
     <artifactId>xwiki-pro-macros-confluence-bridges-parent</artifactId>
-    <version>1.26.5-SNAPSHOT</version>
+    <version>1.26.5</version>
   </parent>
   <artifactId>xwiki-pro-macros-confluence-bridges-ui</artifactId>
   <packaging>xar</packaging>

xwiki-pro-macros-test/pom.xml+1 −1 modified

@@ -25,7 +25,7 @@
   <parent>
     <groupId>com.xwiki.pro</groupId>
     <artifactId>xwiki-pro-macros-parent</artifactId>
-    <version>1.26.5-SNAPSHOT</version>
+    <version>1.26.5</version>
   </parent>
 
   <artifactId>xwiki-pro-macros-test</artifactId>

xwiki-pro-macros-test/xwiki-pro-macros-test-docker/pom.xml+1 −1 modified

@@ -25,7 +25,7 @@
   <parent>
     <groupId>com.xwiki.pro</groupId>
     <artifactId>xwiki-pro-macros-test</artifactId>
-    <version>1.26.5-SNAPSHOT</version>
+    <version>1.26.5</version>
   </parent>
   <artifactId>xwiki-pro-macros-test-docker</artifactId>
   <name>Pro Macros - Tests - Docker</name>

xwiki-pro-macros-test/xwiki-pro-macros-test-pageobjects/pom.xml+1 −1 modified

@@ -25,7 +25,7 @@
   <parent>
     <groupId>com.xwiki.pro</groupId>
     <artifactId>xwiki-pro-macros-test</artifactId>
-    <version>1.26.5-SNAPSHOT</version>
+    <version>1.26.5</version>
   </parent>
   <artifactId>xwiki-pro-macros-test-pageobjects</artifactId>
   <name>Pro Macros - Tests - Page Objects</name>

xwiki-pro-macros-ui/pom.xml+1 −1 modified

@@ -25,7 +25,7 @@
   <parent>
     <groupId>com.xwiki.pro</groupId>
     <artifactId>xwiki-pro-macros-parent</artifactId>
-    <version>1.26.5-SNAPSHOT</version>
+    <version>1.26.5</version>
   </parent>
   <artifactId>xwiki-pro-macros-ui</artifactId>
   <packaging>xar</packaging>

xwiki-pro-macros-xip/pom.xml+1 −1 modified

@@ -25,7 +25,7 @@
   <parent>
     <groupId>com.xwiki.pro</groupId>
     <artifactId>xwiki-pro-macros-parent</artifactId>
-    <version>1.26.5-SNAPSHOT</version>
+    <version>1.26.5</version>
   </parent>
   <artifactId>xwiki-pro-macros-xip</artifactId>
   <name>Pro Macros - XIP</name>

06e6cf389322

Merge commit from fork

https://github.com/xwikisas/xwiki-pro-macrosFarcasutMar 10, 2025via osv

commit

1 file changed · +1 −1

xwiki-pro-macros-confluence-bridges/xwiki-pro-macros-confluence-bridges-ui/src/main/resources/Confluence/Macros/ConfluenceLayoutSection.xml

+1 −1 modified

@@ -514,7 +514,7 @@ This is a bridge for the Confluence Layout Section macro. It is usually used wit
       <code>{{velocity output="false"}}
 #macro (executeMacro)
   #set ($discard = $xwiki.ssx.use('Confluence.Macros.ConfluenceLayoutSection'))
-  #set ($cssLayoutClass = $xcontext.macro.params.get('ac:type'))
+  #set ($cssLayoutClass = $services.rendering.escape("$!xcontext.macro.params.get('ac:type')", 'xwiki/2.1'))
   (% class="macro-layout-section $cssLayoutClass" %)(((
     ## Since 11.5 the content of the macro can be edited in WYSIWYG editor.
     #if ($services.rendering.getMacroDescriptor($services.rendering.resolveMacroId('wikimacrocontent')))

Vulnerability mechanics

Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

News mentions

No linked articles in our index yet.

cvss	0.650
epss	0.001
exploit	0.000
kev	0.000
patch	-0.070
ransomware	0.000