CVE-2023-29016
Goobi viewer core is affected by a cross-site scripting (XSS) vulnerability in user nicknames. An attacker could create a user account and inject malicious scripts into the nickname, leading to script execution in the user’s browser on pages that display nicknames. The issue is fixed in version 2...