Cross-Site Scripting (XSS)
org.xwiki.commons:xwiki-commons-xml is vulnerable to Cross-Site Scripting XSS attacks. The library does not properly escape arbitrary HTML code before it output to the front end, allowing an attacker to inject and execute malicious javascript on the victim's browser...