GHSA-7RCC-Q6RQ-JPCM DNN affected by Stored Cross-Site Scripting (XSS) in Profile Biography field

Summary Users can use special syntax to inject javascript code in their profile biography field. Although there was sanitization in place, it did not cover all possible scenarios Description When embedding information in the Biography field, even if that field is not rich-text, users could inject...

XWiki Platform Security Vulnerability

The XWiki Platform is the XWiki Foundation's suite of Wiki platforms for creating web collaboration applications. A security vulnerability exists in XWiki that stems from the fact that Solr-based searches in XWiki expose the password hashes of all users to anyone who is authorized to view the...