Filtered by vendor Xwiki
Subscriptions
Filtered by product Rendering
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-32070 | 1 Xwiki | 2 Rendering, Xwiki | 2024-11-21 | 9.1 Critical |
| XWiki Platform is a generic wiki platform. Prior to version 14.6-rc-1, HTML rendering didn't check for dangerous attributes/attribute values. This allowed cross-site scripting (XSS) attacks via attributes and link URLs, e.g., supported in XWiki syntax. This has been patched in XWiki 14.6-rc-1. There are no known workarounds apart from upgrading to a fixed version. | ||||
Page 1 of 1.