CRITICAL🇵🇱 Wersja polska

CVE-2025-55728

CVSS 10.0v3.1pub. 2025-09-09upd. 2025-09-17

XWiki Remote Macros provides XWiki rendering macros that are useful when migrating content from Confluence. Starting in version 1.0 and prior to version 1.26.5, missing escaping of the classes parameter in the panel macro allows remote code execution for any user who can edit any page The classes parameter is used without escaping in XWiki syntax, thus allowing XWiki syntax injection which enables remote code execution. Version 1.26.5 contains a patch for the issue.

🤖 AI Analysis
How it works

The classes parameter of the Panel macro is inserted into XWiki syntax without proper escaping. An attacker can provide a specially crafted value for this parameter, which will be interpreted as XWiki syntax injection. As a result, the XWiki rendering engine will process the embedded payload as code, leading directly to RCE on the server. It is sufficient that a user has the ability to edit any page in the instance — administrative privileges are not required.

Impact

An attacker can gain full control over the XWiki instance, including reading and modifying all data, executing arbitrary system commands, and potentially compromising the entire server environment (violation of confidentiality, integrity, and availability).

Mitigation & patch

Update XWiki Pro Macros to version 1.26.5, which contains an official patch eliminating the missing escaping of the classes parameter in the Panel macro. If immediate update is not possible, consider restricting page editing permissions to trusted users until the patch is deployed.

Who is affected

XWiki Pro Macros (xwiki-pro-macros) in versions from 1.0 to earlier than 1.26.5

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
  • Xwiki Pro Macros

    APP
    Xwiki
    1.0 – 1.26.5 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2025-55727CRITICAL10.0PL ✓ten sam produkt

XWiki Pro Macros: RCE przez brak escapowania parametru width w makro column

CVE-2024-42489CRITICAL10.0PL ✓ten sam produkt

RCE przez brak escapowania w makrze Viewpdf w XWiki Pro Macros

CVE-2025-65036HIGH8.3ten sam produkt

XWiki Remote Macros provides XWiki rendering macros that are useful when migrating content from Confluence. Pr...

CVE-2025-65089MEDIUM6.8ten sam produkt

XWiki Remote Macros provides XWiki rendering macros that are useful when migrating content from Confluence. Pr...

CVE-2025-24893CRITICAL9.8⚠ KEVPL ✓ten sam vendor

XWiki Platform — niezautoryzowany RCE przez endpoint SolrSearch