CVE-2023-35152
CVE-2023-35152 concerns the XWiki Platform. Affects versions starting from 12.9-rc-1 up to but not including 14.4.8, 14.10.6, and 15.1. The issue lets any logged-in user insert dangerous content in the first name field, which is then executed with programming rights, leading to privilege escalati...