org.xwiki.rendering:xwiki-rendering-syntax-xhtml
Maven2 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting org.xwiki.rendering:xwiki-rendering-syntax-xhtmlpage 1 of 1
- CVE-2023-32070CRITICALCVSS 9.0EG 9.0✓ Fixed in 14.6-rc-12023-05-10
vulnerable: 10.0 ... 9.9-rc-2 (390 versions)
XWiki Platform is a generic wiki platform. Prior to version 14.6-rc-1, HTML rendering didn't check for dangerous attributes/attribute values. This allowed cross-site scripting (XSS) attacks via attributes and link URLs, e.g., supported in …
- CVE-2025-53835CRITICALCVSS 9.0EG 9.0✓ Fixed in 14.102025-07-14
vulnerable: 10.0 ... 9.9-rc-2 (321 versions)
XWiki Rendering is a generic rendering system that converts textual input in a given syntax (wiki syntax, HTML, etc) into another syntax (XHTML, etc). Starting in version 5.4.5 and prior to version 14.10, the XHTML syntax depended on the `…
Check whether org.xwiki.rendering:xwiki-rendering-syntax-xhtml is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for org.xwiki.rendering:xwiki-rendering-syntax-xhtml CVEs against the assets you own.
Start Free Scan →