Scan free
Pending AnalysisCVE-2025-55729

XWiki Remote Macros vulnerable to remote code execution using the ConfluenceLayoutSection macro

Platform

java

Component

xwiki-pro-macros

Fixed in

1.26.5

View on NVD
Save

XWiki Remote Macros provides XWiki rendering macros that are useful when migrating content from Confluence. Starting in version 1.0 and prior to version 1.26.5, missing escaping of the ac:type in the ConfluenceLayoutSection macro allows remote code execution for any user who can edit any page The classes parameter is used without escaping in XWiki syntax, thus allowing XWiki syntax injection which enables remote code execution. Version 1.26.5 has a fix for the issue.

Java / Maven

Detect this CVE in your project

Upload your pom.xml file and we'll tell you instantly if you're affected.

Upload pom.xmlSupported formats: pom.xml · build.gradle

Threat Intelligence

Exploit Status

Proof of ConceptUnknown
CISA KEVNO
Internet ExposureHigh

EPSS

0.50% (66% percentile)

CVSS Vector

THREAT INTELLIGENCE· CVSS 3.1CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H10.0CRITICALAttack VectorNetworkHow the attacker reaches the targetAttack ComplexityLowConditions required to exploitPrivileges RequiredNoneAuthentication level needed to attackUser InteractionNoneWhether a victim must take actionScopeChangedImpact beyond the vulnerable componentConfidentialityHighRisk of sensitive data exposureIntegrityHighRisk of unauthorized data modificationAvailabilityHighRisk of service disruptionnextguardhq.com · CVSS v3.1 Base Score
What do these metrics mean?
Attack Vector
Network — remotely exploitable over the internet. No physical or local access required. Widest attack surface.
Attack Complexity
Low — no special conditions required. Attacker can exploit reliably without depending on rare configurations or timing.
Privileges Required
None — unauthenticated. No login or credentials needed to exploit.
User Interaction
None — attack is automatic and silent. Victim does nothing: no click, no file open.
Scope
Changed — successful attack can pivot beyond the vulnerable component to other systems or the host OS.
Confidentiality
High — complete confidentiality loss. Attacker can read all data: credentials, keys, personal data.
Integrity
High — attacker can write, modify, or delete any data: databases, config files, or code.
Availability
High — complete crash or resource exhaustion. Full denial of service.

Affected Software

Componentxwiki-pro-macros
Vendorxwikisas
Minimum version1.0
Maximum version1.26.4
Fixed in1.26.5

Weakness Classification (CWE)

CWE-116

Timeline

  1. Published
  2. Modified
  3. EPSS updated

How to fix

Actualice el plugin XWiki Remote Macros a la versión 1.26.5 o superior. Esta versión contiene una corrección para la vulnerabilidad de ejecución remota de código. La actualización se puede realizar a través del administrador de plugins de XWiki.

Is your project affected?

Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.

Scan freeSearch CVEs
Java / Maven

Detect this CVE in your project

Upload your pom.xml file and we'll tell you instantly if you're affected.

Upload pom.xmlSupported formats: pom.xml · build.gradle
livefree scan

Scan your Java / Maven project now — no account

Upload your pom.xml and get the vulnerability report instantly. No account. Uploading the file is just the start: with an account you get continuous monitoring, Slack/email alerts, multi-project and white-label reports.

Manual scanSlack/email alertsContinuous monitoringWhite-label reports

Drag & drop your dependency file

composer.lock, package-lock.json, requirements.txt, Gemfile.lock, pubspec.lock, Dockerfile...