Security Patch - September 2025 - Macros
October 29, 2025
Vulnerability
Jahia Macros module is impacted by an XSS vulnerability.
Affected versions
- All versions of Macros up to and including 8.2.0
Macros is bundled with Jahia distribution; a vulnerable version of the module is present in all versions of Jahia up to and including 8.2.2.0
Addressing the vulnerability
The recommended method for addressing the vulnerabilities is to upgrade to macros 8.3.0 available from the Jahia store.
This version of the module specifically addresses this security vulnerability and can be deployed using your usual module deployment strategy (Jahia module manager UI, provisioning API, ...).
Mitigations
Considering the ease of adopting the fix, no mitigation is available, instead uprade the macros module from 8.2.0 to 8.3.0
Please do not hesitate to reach out to Jahia Support if you have any questions or concerns.