3 matches found
EUVD-2023-1264
Malicious code in bioql PyPI...
CVE-2023-29201 org.xwiki.commons:xwiki-commons-xml Cross-site Scripting vulnerability
XWiki Commons are technical libraries common to several other top level XWiki projects. The "restricted" mode of the HTML cleaner in XWiki, introduced in version 4.2-milestone-1, only escaped and -tags but neither attributes that can be used to inject scripts nor other dangerous HTML tags like . ...
org.xwiki.commons:xwiki-commons-xml Cross-site Scripting vulnerability
Impact The "restricted" mode of the HTML cleaner in XWiki, introduced in version 4.2-milestone-1, only escaped and -tags but neither attributes that can be used to inject scripts nor other dangerous HTML tags like . As a consequence, any code relying on this "restricted" mode for security is...