CNNVD-202508-168 Information
CNNVD ID
CNNVD-202508-168
Related CVE
- CNNVD Published: 2025-08-03
Description (Chinese)
XWiki Contrib Mocca Calendar Application是XWiki Contrib开源的一个XWiki插件。 XWiki Contrib Mocca Calendar Application 2.15之前版本存在跨站脚本漏洞,该漏洞源于查看事件页面标题存在跨站脚本。
Description (English)
XWiki Contrib Mocca Calendar Application is an XWiki plugin for XWiki Contrib open source. The previous version of XWiki Contrib Mocca Calendar Application 2.15 had a cross-site script loophole, which stemmed from the presence of a cross-site script in the title of the viewing event page.
Hazard Level
High
Vulnerability Type
跨站脚本
Affected Vendor
XWiki Contrib
Published
2025-08-03
Last Modified
2026-02-24
References
https://github.com/xwiki-contrib/application-mocca-calendar https://github.com/xwikisas/application-mocca-calendar https://github.com/xwikisas/application-mocca-calendar/security/advisories/GHSA-fjv4-pgh9-jfgc https://extensions.xwiki.org/xwiki/bin/view/Extension/MoccaCalendar https://access.redhat.com/security/cve/cve-2025-52132
Patch
https://github.com/xwikisas/application-mocca-calendar/tags
Share on: