VYPR

Maven package

org.xwiki.platform/xwiki-platform-rendering-xwiki

pkg:maven/org.xwiki.platform/xwiki-platform-rendering-xwiki

Vulnerabilities (2)

  • CVE-2025-49582Jun 13, 2025
    affected >= 15.9-rc-1, < 16.4.7fixed 16.4.7

    XWiki is a generic wiki platform. When editing content that contains "dangerous" macros like malicious script macros that were authored by a user with fewer rights, XWiki warns about the execution of these macros since XWiki 15.9RC1. These required rights analyzers that trigger t

  • CVE-2023-29205Apr 15, 2023
    affected < 14.8-rc-1fixed 14.8-rc-1

    XWiki Commons are technical libraries common to several other top level XWiki projects. The HTML macro does not systematically perform a proper neutralization of script-related html tags. As a result, any user able to use the html macro in XWiki, is able to introduce an XSS attac