Maven package
com.xwiki.pro/xwiki-pro-macros
pkg:maven/com.xwiki.pro/xwiki-pro-macros
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-44179 | cri | — | >= 1.13, < 1.14.5 | 1.14.5 | Jun 22, 2026 | ### Summary The excerpt-include macro does not properly escape the title of the included page and executes the content of the excerpt with the macro's rights. Therefore, it is vulnerable to XWiki syntax injection via the included page's title and content, allowing remote code exe |
- affected >= 1.13, < 1.14.5fixed 1.14.5
### Summary The excerpt-include macro does not properly escape the title of the included page and executes the content of the excerpt with the macro's rights. Therefore, it is vulnerable to XWiki syntax injection via the included page's title and content, allowing remote code exe