CVE-2023-29201: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) in org.xwiki.commons:xwiki-commons-xml.
References
- github.com/advisories/GHSA-m3jr-cvhj-f35j
- github.com/xwiki/xwiki-commons/commit/4a185e0594d90cd4916d60aa60bb4333dc5623b2
- github.com/xwiki/xwiki-commons/commit/b11eae9d82cb53f32962056b5faa73f3720c6182
- github.com/xwiki/xwiki-commons/security/advisories/GHSA-m3jr-cvhj-f35j
- jira.xwiki.org/browse/XCOMMONS-1680
- jira.xwiki.org/browse/XCOMMONS-2426
- jira.xwiki.org/browse/XWIKI-9118
Code Behaviors & Features
Detect and mitigate CVE-2023-29201 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →