Cross-site Scripting (XSS)

Overview dompurify is a DOM-only XSS sanitizer for HTML, MathML and SVG. Affected versions of this package are vulnerable to Cross-site Scripting XSS in the createDOMPurify function, via comments embedded in XML textarea attributes containing scripts. Details Cross-site scripting or XSS is a code...

XWiki Platform 访问控制错误漏洞

XWiki Platform is a suite of Wiki platforms for creating Web collaboration applications from the French company XWiki. An access control error vulnerability exists in XWiki Platform that originates from the possibility of exploiting the privileges of existing document content authors to execute...