org.xwiki.contrib:macro-fullcalendar-pom

Maven2 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting org.xwiki.contrib:macro-fullcalendar-pompage 1 of 1

CVE-2025-65090MEDIUMCVSS 5.3EG 5.3✓ Fixed in 2.4.6
2026-01-10
XWiki Full Calendar Macro displays objects from the wiki on the calendar. Prior to version 2.4.6, users with the rights to view the Calendar.JSONService page (including guest users) can exploit the data leak vulnerability by accessing data…
CVE-2025-65091CRITICALCVSS 10.0EG 10.0✓ Fixed in 2.4.5
2026-01-10
XWiki Full Calendar Macro displays objects from the wiki on the calendar. Prior to version 2.4.5, users with the right to view the Calendar.JSONService page (including guest users) can exploit a SQL injection vulnerability by accessing dat…

Check whether org.xwiki.contrib:macro-fullcalendar-pom is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for org.xwiki.contrib:macro-fullcalendar-pom CVEs against the assets you own.

Start Free Scan →