XWiki Remote Macros Confluence Paste Code Macro Remote Code Execution Vulnerability

Vulnerability

A remote code execution vulnerability exists in the Confluence Paste Code macro of the XWiki Remote Macros application, affecting versions 1.0 up to but not including 1.26.5. The macro inserts its title parameter into the XWiki syntax it generates without escaping it, so a title containing XWiki markup is parsed as markup rather than displayed as text (XWiki syntax injection). Exploitation requires only the ability to edit a page on the wiki.

Impact

Exploiting this vulnerability gives the attacker remote code execution on the server hosting XWiki.

Reproduction

To reproduce, insert the Confluence Paste Code macro into a page and set its title to a string containing XWiki syntax, for example an invocation of a script macro that executes code. Because the title is not escaped, the injected macro is rendered and executed when the page is viewed. The vulnerability can alternatively be exploited through the Office document viewer macro by injecting a comparable payload, as described in the related Jira issue XWIKI-20449.
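The injection and the escaping fix, as an added Python model that is not part of this advisory or of the Remote Macros code base: a hypothetical macro template splices the title into XWiki 2.1 markup, a constructed title carries a {{groovy}} invocation (standing in for whatever script macro an attacker would pick), and a minimal tokenizer reports which macro invocations the resulting markup contains. The escaping models $services.rendering.escape for the xwiki/2.1 syntax, which prefixes every character with the ~ escape; the template, the tokenizer and the sample title are assumptions for illustration, not the project's actual code or fix.

```python
import re

# Constructed sample: a title carrying an XWiki macro invocation. The advisory
# names no concrete payload; {{groovy}} stands in for "a code execution macro".
INJECTED_TITLE = 'Snippet{{groovy}}println "injected"{{/groovy}}'

# Minimal model of the XWiki 2.x macro tokenizer: an opening or closing macro
# marker is "{{name" or "{{/name"; a '~' directly before the braces escapes it.
MACRO_RE = re.compile(r'(?<!~)\{\{/?\s*([A-Za-z][\w-]*)')


def escape_xwiki_21(text: str) -> str:
    """Model of $services.rendering.escape(text, xwiki/2.1): every character
    is prefixed with the '~' escape, so none of it can start syntax."""
    return ''.join('~' + ch for ch in text)


def unescape_xwiki_21(text: str) -> str:
    """Inverse of escape_xwiki_21, used to check the visible title is unchanged."""
    return re.sub(r'~(.)', r'\1', text)


def _template(title: str, body: str) -> str:
    """Hypothetical macro template: title as a heading, body in a code macro."""
    return f'= {title} =\n\n{{{{code}}}}{body}{{{{/code}}}}'


def render_vulnerable(title: str, body: str) -> str:
    """The pattern the advisory describes: the user-supplied title is spliced
    straight into the generated wiki markup without escaping."""
    return _template(title, body)


def render_fixed(title: str, body: str) -> str:
    """Same template, with the title escaped before it enters the markup."""
    return _template(escape_xwiki_21(title), body)


def macros_in(markup: str) -> list[str]:
    """Names of every macro marker the model parser sees, in document order."""
    return MACRO_RE.findall(markup)


if __name__ == '__main__':
    vuln = render_vulnerable(INJECTED_TITLE, 'int x = 1;')
    fixed = render_fixed(INJECTED_TITLE, 'int x = 1;')
    print('vulnerable:', macros_in(vuln))  # ['groovy', 'groovy', 'code', 'code']
    print('fixed:     ', macros_in(fixed))  # ['code', 'code']
```

In the unescaped rendering the tokenizer sees the attacker's groovy macro alongside the template's own code macro; after character-level escaping only the template's macro remains, and unescaping shows the title text itself is preserved. The real XWiki parser is considerably richer than this regular expression, so the model only illustrates why escaping every character of a user-controlled value is the right fix for values that land in generated wiki syntax.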

Remediation

Upgrade to XWiki Remote Macros version 1.26.5 or later, in which this vulnerability has been fixed.

Added: Sep 9, 2025, 7:26 PM
Updated: Sep 9, 2025, 7:26 PM

Vulnerability Rating

Custom Algorithm

spread: 1.0
impact: 10.0
exploitability: 9.7
remediation: 7.7
relevance: 0.5
threat: 6.4
urgency: 2.9
incentive: 10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.