CVE-2022-36096
The CVE-2022-36096 issue affects XWiki Platform’s Index UI, where an attacker could store JavaScript in attachment names viewed from the deleted attachments index, enabling XSS. Affected versions are prior to 13.10.6 and 14.3. The vulnerability is mitigated by upgrading to XWiki 13.10.6 or 14.3, ...