CVE-2025-55729
CRITICALxwiki-pro-macros 1.0-1.26.4 - Remote Code Execution via ConfluenceLayoutSection Macro
Title source: llmDescription
XWiki Remote Macros provides XWiki rendering macros that are useful when migrating content from Confluence. Starting in version 1.0 and prior to version 1.26.5, missing escaping of the ac:type in the ConfluenceLayoutSection macro allows remote code execution for any user who can edit any page The classes parameter is used without escaping in XWiki syntax, thus allowing XWiki syntax injection which enables remote code execution. Version 1.26.5 has a fix for the issue.
References (4)
Core 4
Core References
Vendor Advisory x_refsource_confirm
https://github.com/xwikisas/xwiki-pro-macros/security/advisories/GHSA-22xj-jpjg-gpgw
Patch x_refsource_misc
https://github.com/xwikisas/xwiki-pro-macros/commit/06e6cf3893227527d0242a11e390642178d9df05
Various Sources x_refsource_misc
https://github.com/xwikisas/xwiki-pro-macros/blob/93ac1a38c829e3ef787379b2b45eb043a573e5f7/xwiki-pro-macros-confluence-bridges/xwiki-pro-macros-confluence-bridges-ui/src/main/resources/Confluence/Macros/ConfluenceLayoutSection.xml#L518
Various Sources x_refsource_misc
https://jira.xwiki.org/browse/XWIKI-20449
Scores
CVSS v3
10.0
EPSS
0.0068
EPSS Percentile
47.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
yes
Technical Impact
total
Details
CWE
CWE-116
Status
published
Products (1)
xwikisas/xwiki-pro-macros
>= 1.0, < 1.26.5
Published
Sep 09, 2025
Tracked Since
Feb 18, 2026