CVE-2021-3137
CVE-2021-3137 affects XWiki 12.10.2, enabling XSS via an SVG document uploaded to the comment feature. Root cause: insecure handling of SVG uploads leading to script injection. Impact: cross-site scripting in affected deployments. Mitigation: vendor fix (VendorFix) referenced by OpenVAS entries; ...