Lucene search

Cross-site Scripting by SVG upload in xwiki-platform

🗓️ 10 Feb 2022 22:48:42Reported by GitHub Advisory DatabaseType

Cross-site Scripting in xwiki-platform due to SVG uploa

Reporter	Title	Published	Views	Family All 8
NVD	CVE-2021-43841	4 Feb 202223:15	–	nvd
Prion	Default configuration	4 Feb 202223:15	–	prion
Cvelist	CVE-2021-43841 XSS by SVG upload in xwiki-platform	4 Feb 202222:30	–	cvelist
OpenVAS	XWiki XSS Vulnerability (GHSA-9jq9-c2cv-pcrj)	7 Feb 202200:00	–	openvas
OSV	Cross-site Scripting by SVG upload in xwiki-platform	10 Feb 202222:42	–	osv
OSV	CVE-2021-43841	4 Feb 202223:15	–	osv
CNVD	Xwiki Platform Cross-Site Scripting Vulnerability (CNVD-2022-13409)	10 Feb 202200:00	–	cnvd
CVE	CVE-2021-43841	4 Feb 202223:15	–	cve

Source	Link
github	www.github.com/xwiki/xwiki-platform/security/advisories/GHSA-9jq9-c2cv-pcrj
nvd	www.nvd.nist.gov/vuln/detail/CVE-2021-43841
github	www.github.com/xwiki/xwiki-platform/commit/5853d492b3a274db0d94d560e2a5ea988a271c62
jira	www.jira.xwiki.org/browse/XWIKI-18368
xwiki	www.xwiki.org/xwiki/bin/view/Documentation/AdminGuide/Attachments
github	www.github.com/advisories/GHSA-9jq9-c2cv-pcrj

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

10 Feb 2022 22:42Current

5.2Medium risk

Vulners AI Score5.2

CVSS23.5

CVSS35.4

EPSS0.00125

CWE-79