CVE-2021-43841
CVE-2021-43841 — XWiki Platform SVG upload XSS . In the default XWiki configuration, an attacker could upload an SVG containing a script that executes when a user performs a file download. The issue has been mitigated by patching the default configuration to stop displaying SVG files in the brows...