2 matches found
CVE-2022-36094
XWiki Platform Web Parent POM contains Web resources for the XWiki platform, a generic wiki platform. Starting with version 1.0 and prior to versions 13.10.6 and 14.30-rc-1, it's possible to store JavaScript which will be executed by anyone viewing the history of an attachment containing javascri...
CVE-2022-36094
CVE-2022-36094 affects XWiki Platform Web Parent POM. The issue allows storing JavaScript that is executed when anyone views the history of an attachment whose name contains javascript, for versions starting from 1.0 up to but not including 13.10.6 and 14.30-rc-1. The vulnerability is mitigated b...