CVE-2022-4527
CVE-2022-4527 affects collective.task up to 3.0.8. The vulnerability is a cross-site scripting flaw in renderCell/AssignedGroupColumn (src/collective/task/browser/table.py) that could be triggered remotely. Root cause: input handling in the affected component allows script injection. Remediation:...