Lucene search
K

3 matches found

Cvelist
Cvelist
added 2023/04/15 3:27 p.m.26 views

CVE-2023-29205 org.xwiki.platform:xwiki-platform-rendering-xwiki vulnerable to stored cross-site scripting via HTML and raw macro

XWiki Commons are technical libraries common to several other top level XWiki projects. The HTML macro does not systematically perform a proper neutralization of script-related html tags. As a result, any user able to use the html macro in XWiki, is able to introduce an XSS attack. This can be...

9.9CVSS9.3AI score0.00588EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2023/04/12 8:38 p.m.22 views

org.xwiki.platform:xwiki-platform-rendering-xwiki vulnerable to stored cross-site scripting via HTML and raw macro

Impact The HTML macro does not systematically perform a proper neutralization of script-related html tags. As a result, any user able to use the html macro in XWiki, is able to introduce an XSS attack. This can be particularly dangerous since in a standard wiki, any user is able to use the html...

9.9CVSS5.1AI score0.00588EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2023/04/12 8:38 p.m.26 views

GHSA-VXF7-MX22-JR24 org.xwiki.platform:xwiki-platform-rendering-xwiki vulnerable to stored cross-site scripting via HTML and raw macro

Impact The HTML macro does not systematically perform a proper neutralization of script-related html tags. As a result, any user able to use the html macro in XWiki, is able to introduce an XSS attack. This can be particularly dangerous since in a standard wiki, any user is able to use the html...

9.9CVSS7AI score0.00588EPSS
Exploits1References4
Rows per page
Query Builder