Key vulnerability information

Vulnerability name: Remote code execution using the ConfluenceLayoutSection macro

Severity
CVSS v3 base metrics: Critical (10.0/10)
Attack vector: Network
Attack complexity: Low
Privileges required: None
User interaction: None
Scope: Changed
Confidentiality: High
Integrity: High
Availability: High

Affected versions
Affected versions: >=1.0
Patched versions: 1.26.5

Description
Summary: Missing escaping of the actype in the ConfluenceLayoutSection macro allows remote code execution for any user who can edit any page.
Details: The classes parameter is used without escaping in XWiki syntax, thus allowing XWiki syntax injection, which enables remote code execution.

PoC
As a user, add the panel macro and in the classes parameter input or just using viewing rights using https://jira.xwiki.org/browse/XWIKI-20449

CVE ID: CVE-2025-55729

Weaknesses: No CWEs