CVE-2024-47882 OpenRefine's error page lacks escaping, leading to potential Cross-site Scripting on import of malicious project

OpenRefine is a free, open source tool for working with messy data. Prior to version 3.8.3, the built-in "Something went wrong!" error page includes the exception message and exception traceback without escaping HTML tags, enabling injection into the page if an attacker can reliably produce an...