Product
A critical vulnerability, CVE-2026-44179, exists in XWiki Pro Macros versions before 1.14.5, allowing remote code execution for any user with page editing rights due to improper escaping of page titles and content processed by the excerpt-include macro, leading to XWiki syntax injection and full compromise of the XWiki installation.