2 matches found
CVE-2023-29201
XWiki Commons are technical libraries common to several other top level XWiki projects. The "restricted" mode of the HTML cleaner in XWiki, introduced in version 4.2-milestone-1, only escaped...
CVE-2023-29201
XWiki Commons (org.xwiki.commons:xwiki-commons-xml) is affected by an XSS vulnerability in the HTML cleaner’s restricted mode introduced in 4.2-milestone-1. The restricted mode only escaped [removed] and tags, but did not escape dangerous attributes or other HTML elements (e.g., iframe), enablin...