CNNVD-202508-167 Information
CNNVD ID
CNNVD-202508-167
Related CVE
- CNNVD Published: 2025-08-03
Description (Chinese)
XWiki Contrib Mocca Calendar Application是XWiki Contrib开源的一个XWiki插件。 XWiki Contrib Mocca Calendar Application 2.15之前版本存在跨站脚本漏洞,该漏洞源于背景或文本颜色字段存在跨站脚本。
Description (English)
XWiki Contrib Mocca Calendar Application is an XWiki plugin for XWiki Contrib open source. The previous version of XWiki Contrib Mocca Calendar Application 2.15 had a cross-site script loophole, which originated in the background or in the text colour field.
Hazard Level
High
Vulnerability Type
跨站脚本
Affected Vendor
XWiki Contrib
Published
2025-08-03
Last Modified
2026-02-24
References
https://github.com/xwikisas/application-mocca-calendar/security/advisories/GHSA-jvq4-j2qw-q7x2 https://github.com/xwiki-contrib/application-mocca-calendar https://extensions.xwiki.org/xwiki/bin/view/Extension/MoccaCalendar https://access.redhat.com/security/cve/cve-2025-52131
Patch
https://github.com/xwikisas/application-mocca-calendar/tags
Share on: