CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2025-52131
https://notcve.org/view.php?id=CVE-2025-52131
03 Aug 2025 — The Mocca Calendar application before 2.15 for XWiki allows XSS via the background or text color field. La aplicación Mocca Calendar para XWiki anterior a 2.15 permite XSS a través del campo de color de fondo o de texto. • https://extensions.xwiki.org/xwiki/bin/view/Extension/MoccaCalendar • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2025-52132
https://notcve.org/view.php?id=CVE-2025-52132
03 Aug 2025 — The Mocca Calendar application before 2.15 for XWiki allows XSS via a title to the view event page. La aplicación Mocca Calendar para XWiki anterior a 2.15 permite XSS a través de un título en la página de visualización de eventos. • https://extensions.xwiki.org/xwiki/bin/view/Extension/MoccaCalendar • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2025-52133
https://notcve.org/view.php?id=CVE-2025-52133
03 Aug 2025 — The Mocca Calendar application before 2.15 for XWiki allows XSS via a title upon calendar import. La aplicación Mocca Calendar para XWiki anterior a 2.15 permite XSS a través de un título al importar el calendario. • https://extensions.xwiki.org/xwiki/bin/view/Extension/MoccaCalendar • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •