The security policy that applies to all the XWiki Pro extensions is detailed on the following document: https://store.xwiki.com/xwiki/bin/view/Store/SecurityPolicy/ .
Security: xwikisas/xwiki-pro-macros
Security
SECURITY.md
-
View file macro: User can view content of office file without view rights on the attachmentGHSA-8c52-x9w7-vc95 published
Nov 18, 2025 by ChiuchiuSorinModerate -
Remote code execution using the confluence paste code macroGHSA-5w8v-h22g-j2mp published
Sep 9, 2025 by FarcasutCritical -
Remote code execution using the ConfluenceLayoutSection macroGHSA-22xj-jpjg-gpgw published
Sep 9, 2025 by FarcasutCritical -
Remote code execution using the panel macroGHSA-48f4-h726-74p5 published
Sep 9, 2025 by FarcasutCritical -
Remote code execution from width parameter in the column macroGHSA-hxqp-983c-m8h9 published
Sep 9, 2025 by FarcasutCritical -
Remote Code Execution via Viewpdf and similar macrosGHSA-cfq3-q227-7j65 published
Aug 12, 2024 by oanalaviniaCritical
Learn more about advisories related to xwikisas/xwiki-pro-macros in the GitHub Advisory Database