4 matches found
CVE-2023-29205
creationtimestamp| type| source ---|---|--- 2023-04-15 20:26:48+00:00| seen| https://t.me/cibsecurity/62234...
CVE-2023-29205 org.xwiki.platform:xwiki-platform-rendering-xwiki vulnerable to stored cross-site scripting via HTML and raw macro
XWiki Commons are technical libraries common to several other top level XWiki projects. The HTML macro does not systematically perform a proper neutralization of script-related html tags. As a result, any user able to use the html macro in XWiki, is able to introduce an XSS attack. This can be...
CVE-2023-29205 org.xwiki.platform:xwiki-platform-rendering-xwiki vulnerable to stored cross-site scripting via HTML and raw macro
XWiki Commons are technical libraries common to several other top level XWiki projects. The HTML macro does not systematically perform a proper neutralization of script-related html tags. As a result, any user able to use the html macro in XWiki, is able to introduce an XSS attack. This can be...
CVE-2023-29205
CVE-2023-29205 affects XWiki Commons: the HTML macro fails to properly neutralize script-related HTML tags, enabling stored cross-site scripting (XSS) when users render HTML via the macro, including on their profile pages. Affected component is XWiki Commons HTML macro handling within XWiki proje...