GHSA-CP3J-273X-3JXC XSS/CSRF Remote Code Execution in XWiki.ConfigurableClass
Impact There is a reflected XSS or also direct remote code execution vulnerability in the code for displaying configurable admin sections. The code that can be passed through a URL parameter is only executed when the user who is visiting the crafted URL has edit right on at least one configuratio...