GHSA-XR6M-2P4M-JVQF XWiki Platform Wiki UI Main Wiki Eval Injection vulnerability
Impact It's possible to inject arbitrary wiki syntax including Groovy, Python and Velocity script macros via the request URL parameter using the XWikiServerClassSheet if the user has view access to this sheet and another page that has been saved with programming rights, a standard condition on a...