CVE-2012-1019

Multiple cross-site scripting XSS vulnerabilities in XWiki Enterprise 3.4 allow remote attackers to inject arbitrary web script or HTML via the 1 XWiki.XWikiCommentscomment parameter to xwiki/bin/commentadd/Main/WebHome, 2 XWiki.XWikiUsers0company parameter when editing a user profile, or 3...