The security policy that applies to all the XWiki Pro extensions is detailed on the following document: https://store.xwiki.com/xwiki/bin/view/Store/SecurityPolicy/ .
Security: xwikisas/application-mocca-calendar
Security
SECURITY.md
-
Cross Site Scripting in recurrent event titleGHSA-wfqm-4f92-8m4j published
Dec 12, 2025 by ChiuchiuSorinHigh -
Cross Site Scripting in background/text color or in the default calendar colorsGHSA-jvq4-j2qw-q7x2 published
Jul 30, 2025 by ChiuchiuSorinCritical -
Cross Site Scripting in the Event view page after importGHSA-mc3x-h7p6-334p published
Jul 30, 2025 by ChiuchiuSorinHigh -
Cross Site Scripting in the Event view pageGHSA-fjv4-pgh9-jfgc published
Jul 30, 2025 by ChiuchiuSorinHigh
Learn more about advisories related to xwikisas/application-mocca-calendar in the GitHub Advisory Database