Maven package
org.xwiki.platform/xwiki-platform-rendering-wikimacro-store
pkg:maven/org.xwiki.platform/xwiki-platform-rendering-wikimacro-store
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-49581 | — | >= 11.10.11 | — | Jun 13, 2025 | XWiki is a generic wiki platform. Any user with edit right on a page (could be the user's profile) can execute code (Groovy, Python, Velocity) with programming right by defining a wiki macro. This allows full access to the whole XWiki installation. The main problem is that if a w | ||
| CVE-2021-21379 | — | >= 11.4, < 11.10.11 | 11.10.11 | Mar 12, 2021 | XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions of XWiki Platform, the `{{wikimacrocontent}}` executes the content with the rights of the wiki macro author instead of the caller of that wiki macro. This |
- CVE-2025-49581Jun 13, 2025affected >= 11.10.11
XWiki is a generic wiki platform. Any user with edit right on a page (could be the user's profile) can execute code (Groovy, Python, Velocity) with programming right by defining a wiki macro. This allows full access to the whole XWiki installation. The main problem is that if a w
- CVE-2021-21379Mar 12, 2021affected >= 11.4, < 11.10.11fixed 11.10.11
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions of XWiki Platform, the `{{wikimacrocontent}}` executes the content with the rights of the wiki macro author instead of the caller of that wiki macro. This